Gnome Login Themes

Friday, March 16, 2012

For one to become a ninja, One must use his powers for the greater good. And that is what you must do. Once you have the tools and knowledge. One must go forth and create wonders with this knowledge. Lend a hand to those less fortunate, and thus having a better understanding on the path of becoming a Linux Ninja Master.

GDM Themes

Download: Link 

Debian Sentinal
Download: Link
A nice simple gdm theme for you debian folk out there!

Download: Link
A beautiful sunset, and multiple backgrounds to choose from.

For more themes I strongly suggest going to Gnome-Look and seeing all the different themes for nearly anything. VLC/Mplayer/Gnome/Compiz/Fonts etc.


Apps to make your Gentoo, Yours

Saturday, March 10, 2012

Once finished installing a new OS and in specific a new flavour of linux, you get that awesome sense of relief and then start to wonder well now what? What apps should I install/want to install. These set of applications+themes will help you get through this tough period and hopefully make your gentoo experience more memorable and helpful. And creating a place where one can modify gnome call 'your computer'.

Ninja: Privilege Escalation Detection

Sunday, March 4, 2012

Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor Process activity on the local host, and keep track of  all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorised user.

A "magic" group can be specified, allowing members of this group to run any setuid/setgid root executable. Such as the 'root' group.But you can customise it later on.

Individual executables can be white-listed. Ninja uses a fine grained white-list that lets you white list executable on a group  and/or user basis. This can be used to allow specific groups or individual users access to setuid/set-gid root programs, such as su and passwd.

Download ninja from source here OR look for it in your repos, '
 Gentoo: Build from source
 Debian/ubuntu: apt-get install ninja 

Untar the source, goto the ninja directory and type following command to compile and install the ninja:
 make install

copy the white-list file to the /etc/ninja directory

 cp examples/whitelist/simple.wlist /etc/ninja/  

Add group "ninja" (note down the group id):

 groupadd ninja  

Add user 'root' and all other required users to this group:

 usermod -G ninja anormaluser  
 usermod -G ninja root  

Create the ninja log files:

 touch /var/log/ninja.log  

Open the ninja configuration file: vi /etc/ninja/default.conf and change the following settings

 daemon = yes  
 interval = 0  
 logfile = /var/log/ninja.log  
 whitelist = /etc/ninja/simple.wlist  
 external_command = /root/bin/alert  

Here you also need to create a simple script alert (/root/bin/alert) with following entries

 echo 'Alert - Unauthorized Access to system.' | mail -s "'Alert - Unauthorized Access to system." 

Edit the whitelist file located under the /etc/ninja/simple.wlist
The first field is the full path to the executable you wish to white-list. The second field  is  a comma  separated  list  of  groups  that should be granted access to the executable.  The third field is a comma separated list of users.


The second or third field can be left empty.  Please refer to the example whitlist located in "examples/whitelist/".

Remember that it is a good idea to whitelist programs such as passwd and other regular setuid applications  that users require access to.

Finally start ninja using following command:

 /usr/local/bin/ninja /etc/ninja/default.conf  

And now ninja is running, I would add it to the start-up at default time, so your always secure.

 rc-update add ninja default

Testing Ninja:
Create a test user 'test'
Login to the system using this test user
now attempt to become 'root' user by typing command 'su - '
Here ninja will come into action and will kill the entire session and dump the information into the log ...

And just like that you now have the knowledge that your server is safe from people launching a kernel exploit and attempting to get root. Please please do not whitelist sudo. Sudo as I've said before is a package for desktops and is a package which can have serious repercussions if someone gets access to your username.