This utility checks or sets the status of a network interface’s Media Independent Interface (MII) unit. Most fast ethernet adapters use an MII to autonegotiate link speed and duplex setting.

Most intelligent network devices use an autonegotiation protocol to communicate what media technologies they support, and then select the fastest mutually supported media technology. The -A or –advertise options can be used to tell the MII to only advertise a subset of its capabilities. Some passive devices, such as single-speed hubs, are unable to autonegotiate. To handle such devices, the MII protocol also allows for establishing a link by simply detecting either a 10baseT or 100baseT link beat. The -F or –force options can be used to force the MII to operate in one mode, instead of autonegotiating. The -A and -F options are mutually exclusive.

The default short output reports the negotiated link speed and link status for each interface. If an interface or interfaces are not specified on the command line, then mii-tool will check any available interfaces from eth0 through eth7.

Man page: http://www.netadmintools.com/html/mii-tool.man.html

 

You can also manually set speed parameters with mii-tools:

mii-tool -F 100baseTx-FD eth1

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack. On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.

The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behavior is differs depending on whether the standard output is a tty device or a pipe to another program. Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to “shoulder-surf” the user’s chosen password.

pwgen Man page: http://linux.die.net/man/1/pwgen

FTP is an old protocol and there has been many variations of it’s implementations over the years. These servers listed below vary in many details and far from a complete list of Linux FTP servers out there. But these are few of the most popular Linux FTP servers out there:

1. ProFTPd This server, http://proftpd.org, is one of the more popular of the very complex FTP servers. It ships with most major Linux distributions. Its configuration file is modeled after that of Apache, and the server supports many advanced features.
2. vsftpd This server aims to excel at security, stability, and speed. In doing so, its developers have chosen to ignore some of the more advanced features of servers such as ProFTPd and WU-FTPD. If you don’t need those features, this tradeoff may be more than acceptable. You can learn more from its website, http://vsftpd.beasts.org.
3. WU-FTPD The Washington University FTP Daemon (WU-FTPD) is an old standard in the Linux world. Unfortunately, it’s collected more than its fair share of security problems and isn’t the speediest FTP server available. For these reasons, it ships with fewer Linux distributions today than in years past. Its main website is http://www.wu-ftpd.org.
4. PureFTPd This server, headquartered at http://www.pureftpd.org, is another FTP server that emphasizes security. SuSE ships with a version of this server.
5. oftpd This server is unusual because it’s designed to function only as an anonymous FTP server; it doesn’t support logins using ordinary user accounts. This feature can be appealing if you only want to run an anonymous server, but it makes this server unsuitable for many other purposes. It’s available from http://www.time-travellers.org/oftpd/.

While talking to my friend stan I was quite surprised to see his non-tech ways of hiding p0rn from his girlfriend in his windows box. Which he thinks is a genius method. What he basically does is make a bunch of folders with different, confusing, not-so-interesting names and hide his stash deep deep inside the subfolders. Something like this (not his actual computer):

While I have to give him props for his noble ways, I think we can do a better job in hiding his “important” files in linux. We are going to use a tool called steghide, which uses Steganography, to hide some “important” pictures. While some might argue that there are better ways to hide things in linux and other might argue that it’s not really a practical way to hide 100s (even 1000s?) of pictures. Though I used “p0rn” as a medium, this is more of tutorial about hiding files in general using Steganography. And perhaps more important to my friend stan and other windows users, is that Steghide is also available for windows.

Basically we will have to jpg file and hide/embed one file into another. It is important to note that the file size of file that you will embed to has to be bigger than the embedding file. The file type itself is not important.

In the screen shot below you can see that the file size increased after the embedding/compression. We used this command: steghide embed -cf notporn.jpg -ef thisisporn.jpg

Next we will get some information about the embedded data by using this command
steghide –info notporn.jpg

The next step is of course to extract the embedded/encrypted/compressed data out to open for viewing pleasure. This can achieved by using this command steghide –extract -sf notporn.jpg

For more information about steghide check out: http://steghide.sourceforge.net/
For information about Steganography: http://en.wikipedia.org/wiki/Steganography

Linux Commands/Tools Security Tips