- User contributions [en]

Template:U Quantal/Servers

Perspectoff — Sat, 15 Jun 2013 19:12:53 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

*Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/quantal/ Ubuntu downloads].
*See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
*[[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Ubuntu:Quantal#Dual-Booting_Windows_and_Ubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
*Using instructions from Ubuntuguide, an ultimate server can be created with two wikis ([[Ubuntu_Quantal_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Ubuntu_Quantal_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Ubuntu_Quantal_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Ubuntu_Quantal_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, an [[Ubuntu_Quantal_Servers#Add_a_desktop_to_an_Ubuntu_Server|Ubuntu desktop]], and [[Ubuntu_Quantal_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:*[[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:*Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:*To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Ubuntu_Quantal_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Ubuntu:Quantal#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Ubuntu:Quantal#Samba_server|Samba file server]] (for use with Windows networks), and a [[Ubuntu:Quantal#Xen virtual machine host|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Ubuntu:Quantal#Setup an SSH server|setting up an SSH server]].

=== Mail Server ===
* See [[Ubuntu_Quantal_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Ubuntu_Quantal_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/12.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/12.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/12.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/12.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/12.04/serverguide/serverguide/C/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

*[http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
*[http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
*[http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> quantal main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Ubuntu_Quantal_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:U Precise/Servers

Perspectoff — Sat, 15 Jun 2013 19:12:04 GMT

Perspectoff:

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

*Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/precise/ Ubuntu downloads].
*See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
*[[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Ubuntu:Precise#Dual-Booting_Windows_and_Ubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
*Using instructions from Ubuntuguide, an ultimate server can be created with two wikis ([[Ubuntu_Precise_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Ubuntu_Precise_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Ubuntu_Precise_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Ubuntu_Precise_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, an [[Ubuntu_Precise_Servers#Add_a_desktop_to_an_Ubuntu_Server|Ubuntu desktop]], and [[Ubuntu_Precise_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:*[[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:*Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:*To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Ubuntu_Precise_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Ubuntu:Precise#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Ubuntu:Precise#Samba_server|Samba file server]] (for use with Windows networks), and a [[Ubuntu:Precise#Xen virtual machine host|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Ubuntu:Precise#Setup an SSH server|setting up an SSH server]].

=== Mail Server ===
* See [[Ubuntu_Precise_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Ubuntu_Precise_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/12.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/12.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/12.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/12.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/12.04/serverguide/serverguide/C/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

*[http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
*[http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
*[http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 5.5:

sudo apt-get install python-software-properties
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/5.5/ubuntu</nowiki> precise main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Ubuntu_Precise_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:K Precise/Servers

Perspectoff — Sat, 15 Jun 2013 19:10:28 GMT

Perspectoff:

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

*Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/precise/ Ubuntu downloads].
*See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
*[[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu:Precise#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
*Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Precise_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Precise_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Precise_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Precise_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Precise_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Precise_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:*[[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:*Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:*To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Precise_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Precise#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu:Precise#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu:Precise#Xen virtual machine host|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu:Precise#Setup an SSH server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Precise_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Precise_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/12.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/12.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/12.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/12.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/12.04/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

*[http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
*[http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
*[http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 5.5:

sudo apt-get install python-software-properties
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/5.5/ubuntu</nowiki> precise main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Precise_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:K Quantal/Servers

Perspectoff — Sat, 15 Jun 2013 18:54:20 GMT

Perspectoff:

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu_Quantal_Installation#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Quantal_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Quantal_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Quantal_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Quantal_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Quantal_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Quantal_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Quantal_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Quantal#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu_Quantal_Networking#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu_Quantal_Virtual_Machines#Xen|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu_Quantal_Networking#Setup_an_SSH_server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Quantal_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Quantal_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/12.10/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/12.10/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/12.10/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/12.10/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/12.10/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

* [http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
* [http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
* [http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.

== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:U Raring/Servers

Perspectoff — Sat, 15 Jun 2013 18:18:29 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Ubuntu:Raring#Dual-Booting_Windows_and_Ubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Ubuntuguide, an ultimate server can be created with two wikis ([[Ubuntu_Raring_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Ubuntu_Raring_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Ubuntu_Raring_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Ubuntu_Raring_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, an [[Ubuntu_Raring_Servers#Add_a_desktop_to_an_Ubuntu_Server|Ubuntu desktop]], and [[Ubuntu_Raring_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Ubuntu_Raring_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Ubuntu:Raring#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Ubuntu:Raring#Samba_server|Samba file server]] (for use with Windows networks), and a [[Ubuntu:Raring#Xen virtual machine host|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Ubuntu:Raring#Setup an SSH server|setting up an SSH server]].

=== Mail Server ===
* See [[Ubuntu_Raring_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Ubuntu_Raring_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/12.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/12.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/12.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/12.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/12.04/serverguide/serverguide/C/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

*[http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
*[http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
*[http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Ubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:K Raring/Servers

Perspectoff — Sat, 15 Jun 2013 18:17:12 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu_Raring_Installation#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Raring_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Raring_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Raring_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Raring_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Raring_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Raring_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Raring_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Raring#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu_Raring_Networking#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu_Raring_Virtual_Machines#Xen|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu_Raring_Networking#Setup_an_SSH_server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/13.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/13.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/13.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/13.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/13.04/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

* [http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
* [http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
* [http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

* [http://eureka.ykyuen.info/2013/01/25/mariadb-installation-on-ubuntu-precise/ This page] recommends immediately securing the database: "Secure MariaDB by the mysql_secure_installation command and configure:"

Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Template:K Raring/Servers

Perspectoff — Sat, 15 Jun 2013 18:13:47 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu_Raring_Installation#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Raring_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Raring_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Raring_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Raring_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Raring_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Raring_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Raring_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Raring#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu_Raring_Networking#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu_Raring_Virtual_Machines#Xen|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu_Raring_Networking#Setup_an_SSH_server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/13.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/13.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/13.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/13.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/13.04/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

* [http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
* [http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
* [http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

* [http://yaui.me/mariadb-how-install-ubuntu-12-04-lts/ This page] includes these steps to add required dependencies:

sudo apt-get install libmariadbclient-dev libmariadbclient18 libmariadbd-dev libmysqlclient18 mariadb-client
sudo apt-get install mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5
sudo apt-get install mariadb-server-core-5.5 mariadb-test mariadb-test-5.5 mysql-common

sudo /etc/init.d/mysql start

Template:K Raring/Servers

Perspectoff — Sat, 15 Jun 2013 18:09:56 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu_Raring_Installation#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Raring_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Raring_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Raring_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Raring_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Raring_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Raring_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Raring_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Raring#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu_Raring_Networking#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu_Raring_Virtual_Machines#Xen|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu_Raring_Networking#Setup_an_SSH_server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/13.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/13.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/13.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/13.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/13.04/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

* [http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
* [http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
* [http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page] and [http://stackoverflow.com/questions/16214517/installing-mariadb-unmet-dependencies-mariadb-server-5-5 this page].

Template:K Raring/Servers

Perspectoff — Sat, 15 Jun 2013 18:06:35 GMT

Perspectoff: /* MariaDB */

= Servers =
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on either a Desktop edition or a Server edition (using the tasksel command described below). It is not necessary in general, therefore, to install Ubuntu Server if you only wish to use an occasional server package on a Desktop edition. Most of the instructions for individual server packages will work on the Server edition, on the Desktop edition, or on a Server edition that has had an Ubuntu or Kubuntu desktop installed on it.

Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance when implemented in large networks and is therefore recommended. (For complete information see the [http://help.ubuntu.com/12.04/serverguide/index.html Ubuntu Server Guide].) It is always possible to [[#Add a desktop to an Ubuntu Server|add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server]] at any time.

* Download the latest Ubuntu Server ISO image from [http://releases.ubuntu.com/raring/ Ubuntu downloads].
* See [http://help.ubuntu.com/community/BurningIsoHowto this guide] for burning the ISO image to a CD.
* [[Boot_from_a_Live_CD|Use the CD]] for installation of the server.

(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating systems on your computer, then see [[Kubuntu_Raring_Installation#Dual-Booting_Windows_and_Kubuntu|these tips]].)

(Tip: During installation of the server, an initial user / password is created. Many servers are intended to run unattended with little subsequent intervention and it can be easy to forget the original user / password pair that is created at installation. I suggest writing this information down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

There are many server packages that are available to be installed as a one-step process during the Server edition installation process from the LiveCD, or at any time (on most editions) using the [http://wiki.debian.org/tasksel tasksel] command. For a list of server packages that can be installed using the tasksel command:
sudo apt-get install tasksel
sudo tasksel --list-tasks

::or using a GUI list:
sudo tasksel

=== Ultimate Server Walkthrough ===
* Using instructions from Kubuntuguide, an ultimate server can be created with two wikis ([[Kubuntu_Raring_Groupware_and_Web_Publishing#MediaWiki|MediaWiki]]), two [[Kubuntu_Raring_Groupware_and_Web_Publishing#Drupal_.28Web_content_publishing.29|Drupal]] websites, a [[Kubuntu_Raring_Groupware_and_Web_Publishing#Moodle|Moodle]] online learning website, a [[Kubuntu_Raring_Internet#BigBlueButton|BigBlueButton]] teleconferencing server, a [[Kubuntu_Raring_Servers#Add_a_desktop_to_an_Ubuntu_Server|Kubuntu desktop]], and [[Kubuntu_Raring_Networking#Using_Dynamic_IP_addresses_for_a_webserver|dynamic DNS]] access from the web. All components can be expanded and/or additional servers added.

:* [[Ultimate Server Lucid|Lucid]] ultimate server walkthrough.
:* Original [[Ultimate Server Jaunty|Jaunty]] ultimate server walkthrough.

:* To run multiple servers on multiple computers on a LAN using only a single IP address and router, see [[Kubuntu_Raring_Servers#Reverse_proxy_Servers_and_Load_Balancers|Reverse proxy Servers and Load Balancers]].

== Add a desktop to an Ubuntu Server ==
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier when a Server edition is installed as the base OS. However, adding a desktop can make the administration and maintenance of many packages easier for many users (albeit with a cost of reduced server speed). Add an Ubuntu (Unity or Gnome) or Kubuntu (KDE) desktop to a server using:
sudo apt-get install ubuntu-desktop

:or

sudo apt-get install kubuntu-desktop

== LAMP server installation ==
During [[#Servers|server]] installation, you will have the option of installing a LAMP (Linux, Apache, MySQL, PHP) server stack. Many (but not all) open source servers use this integrated server stack. Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware server, however, make sure it is compatible with a LAMP server stack before choosing this option. Many groupware servers will install LAMP (or their own variation) automatically, so you do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL, so you would not need to install a LAMP server.

=== Apache2 + MySQL + PHP ===
This is the preferred method:
sudo apt-get install tasksel
sudo tasksel install lamp-server

(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created. This information will sometimes be needed when installing other server packages that use MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer case cover for later reference. (Lock the computer case if you desire extra security.))

== Other servers ==
During server installation, you can choose other servers to install, as well. These include a [[#Mail Server|Mail server]] (Postfix with Dovecot), a [[#Bind9 (DNS server)|DNS server]] (bind9), the [[Kubuntu:Raring#Setup an SSH server|OpenSSH server]], a [[#Print server|print server]], a [[#Apache Tomcat (Java server)|Tomcat Java web server]], a [[Kubuntu_Raring_Networking#Samba_server|Samba file server]] (for use with Windows networks), and a [[Kubuntu_Raring_Virtual_Machines#Xen|virtual machine host]] (Xen). Again, if you are using a groupware solution, you should be careful about installing these services, as they may conflict with similar (but competing) servers which the groupware solution will install by default.

=== eBox (server and network manager) ===
[http://www.ebox-platform.com/ eBox] is a web-browser based server management platform that is useful in managing multiple servers and networking functions in a small to medium business. It is modular so that as the network grows and more networking functions or servers (such as the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox

=== OpenSSH server ===
OpenSSH allows encrypted communications through a designated secure port. See [[Kubuntu_Raring_Networking#Setup_an_SSH_server|setting up an SSH server]].

=== Mail Server ===
* See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Mail_servers|this section]].

There are two methods for setting up a mail server.

* The dovecot-postfix package install the components and configuration files to use the Maildir (mail spooling) folder system by default. See [[Kubuntu_Raring_Groupware_and_Web_Publishing#Postfix_.2F_Dovecot_.28Mail_Server.29|Dovecot-Postfix Mail server]].

* The mail-server task installs the components and configuration files to use the mbox (mail spooling) system by default. This can be installed:
sudo apt-get install tasksel
sudo tasksel install mail-server

=== Bind9 (DNS server) ===
[http://en.wikipedia.org/wiki/BIND BIND] DNS servers are the most commonly used on the Internet. Bind9 is the current edition. See the [http://www.bind9.net/manual/bind/9.2.5/Bv9ARM.html usage instruction here]. Also see the [http://help.ubuntu.com/13.04/serverguide/dns.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install dns-server

=== Apache Tomcat (Java server) ===
[http://tomcat.apache.org/ Tomcat] is a free open source platform from Apache which provides a "pure Java" HTTP web server environment for Java code to run (see [http://en.wikipedia.org/wiki/Apache_tomcat here] for more info).

It is not part of the Apache2 web server. See the [http://help.ubuntu.com/13.04/serverguide/tomcat.html official Ubuntu documentation] for more configuration information. It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install tomcat-server

=== Xen virtual machine host ===
[http://www.xen.org/ Xen] is a free open source virtualization platform that allows the host to run "guest" operating systems simultaneously (see [http://en.wikipedia.org/wiki/Xen here] for more info). Xen implementation in the (K)ubuntu server is based on integration with [http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine KVM], the kernel-based virtualization platform in Linux. KVM integrates with [http://bellard.org/qemu/about.html QEMU] components, which have been merged with Xen.

Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an [http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29 Intel VT] or [http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29 AMD-V] CPU, therefore this package currently is successful only with the 64-bit Ubuntu server installation and on those CPUs.

It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install virt-host

=== Print server ===
Ubuntu uses the [http://help.ubuntu.com/13.04/serverguide/cups.html CUPS print server], which is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the tasksel option during installation of the Ubuntu [[#Servers|server]] from the LiveCD, or at any time using:
sudo tasksel install print-server

=== OpenLDAP ===
[http://www.openldap.org/ OpenLDAP] is a community-based [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol LDAP] server that allows directory querying over TCP/IP, generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the OpenLDAP server. See the [http://help.ubuntu.com/13.04/serverguide/openldap-server.html official Ubuntu documentation] for more information about installation and setup.

=== Proxy server ===
==== Squid ====
[http://www.squid-cache.org/ Squid] is a widely-used proxy web server and web cache daemon that is useful for corporate or other large LANs that wish to accelerate and/or control traffic through the LAN. For initial configuration information, see the [http://help.ubuntu.com/13.04/serverguide/squid.html official Ubuntu documentation]. Install:
sudo apt-get install squid

==== Privoxy ====
[http://www.privoxy.org/ Privoxy] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. It is easier to configure and more useful for individual users. Install:
sudo apt-get install privoxy

=== Reverse proxy Servers and Load Balancers ===
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] server allows incoming web traffic on a LAN to be directed to multiple computers (each running one or more servers) on the LAN. When redundant instances of a server exist on a LAN, a [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 Load Balancer] allows traffic to be directed to the most available instance.

==== Pound (Reverse proxy and load balancer) ====
[http://www.apsis.ch/pound/ Pound] is a free, open source (GPL-licensed) lightweight reverse proxy and load balancer. Also see the [https://help.ubuntu.com/community/Pound Ubuntu Community] instructions. Install:
sudo apt-get install pound

==== Apache Reverse proxy ====
The Apache2 server has a [http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass mod_proxy] module available that enables reverse proxies. See [[Apache2_reverse_proxies|these instructions]] for a simple method to implement reverse proxies using this Apache module.

=== Control panels ===
There are several free and/or GPL-licensed control panel utilities for managing multiple servers on a single physical server or cluster of servers running Debian/Ubuntu-based servers. [http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/ Here] is a brief overview.

* [http://www.webmin.com/ Webmin] is the most widely used web browser-based free open source web hosting control panel for Linux.
* [http://gnupanel.org/ GNUPanel] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.
* [http://www.web-cp.net/ Web-cp.net] is a free GPL-licensed web hosting control panel system that is compatible with Debian/Ubuntu OS using PHP.

= Network Attached Servers =
* [[Commercial_NAS|Here]] are some user-contributed suggestions regarding commercially available NAS/RAID devices.

== FreeNAS ==
[http://www.freenas.org/ FreeNAS] allows a PC with several hard drives to function as a self-contained network attached storage RAID device. It is a very small, fast system, so that an older PCs could function quite well as an NAS.

= Setup RAID in Ubuntu/Kubuntu =
See [http://ubuntuforums.org/showthread.php?t=408461 this thread] for a discussion how to set up RAID on an Ubuntu/Kubuntu server.

= Databases =
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
== PostgreSQL ==
[http://www.postgresql.org/ PostgreSQL] is a free standards-compliant enterprise-strength open-source database, initially developed at UC Berkeley. See the [http://www.postgresql.org/docs/8.4/static/admin.html PostgreSQL Server documentation] for server configuration information. Install using the dummy task:
sudo apt-get install tasksel
sudo tasksel postgresql-server

: or install directly:
sudo apt-get install postgresql-8.4

::or

sudo apt-get install postgresql

== MySQL ==
[http://en.wikipedia.org/wiki/MySQL MySQL] is one of the most widely-used relational databases, and has been licensed under the GPLv2. It has now been bought by Oracle as part of the purchase of Sun. It has long been integrated into co-ordinated server platforms using the [[#LAMP server installation|LAMP]] stack, but it can also be installed separately.
sudo apt-get install mysql-server

== MariaDB ==
Since the purchase of MySQL by Oracle, an effort to maintain a true community-driven replacement for MySQL has emerged in the form of [https://mariadb.org/ MariaDB], whose lead developer is the founder of the original MySQL. It is touted as a drop-in replacement for MySQL on a verion-by-version basis. (See [https://kb.askmonty.org/en/mariadb-versus-mysql-compatibility/ this comparison].) Installation is from the [https://downloads.mariadb.org/mariadb/repositories/ MariaDB repositories]. For example, to install MariaDB version 10.0:

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb <nowiki>http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu</nowiki> raring main'
sudo apt-get update
sudo apt-get install mariadb-server

:Note: Key servers often use port 11371. Make sure your [[Kubuntu_Raring_Network_Management#Firewall|firewall]] allows port 11371 to be open.

* For troubleshooting information, see [http://kb.askmonty.org/en/installing-mariadb-deb-files/ this page].

Template:Tor

Perspectoff — Sat, 15 Jun 2013 16:43:21 GMT

Perspectoff: /* Prevent autostart of proxies and Tor */

= Tor =
[http://www.torproject.org/ Tor] is a project to allow privacy while using the Internet and to limit usage tracking. It routes your traffic through several anonymous nodes, so that your usage appears to come from an IP other than your own. (There are always risks when using the Internet that even Tor can not help with, though. Read [http://www.torproject.org/download.html.en#Warning this].) Using Tor can slow down your Internet usage significantly, depending on how much traffic is being passed through the Tor network (routine file-sharing or large downloads will also significantly reduce performance of the Tor network.)

* Tor network speed improves when there are more [https://www.torproject.org/getinvolved/volunteer.html.en volunteers] to run [https://www.torproject.org/docs/tor-doc-relay.html.en relays] (and relays have better anonymity), bridges, and exit nodes. Please consider being a relay or bridge node if your ISP does not filter Tor and you have good bandwidth. Additonally please consider configuring your relay as an [https://www.torproject.org/docs/faq.html.en#ExitPolicies exit node] (if you are in a favorable network and don't mind a little bit of potential [https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment hassle] for being an exit node).

== Install Tor (Network privacy) ==
* Install Tor by following the instructions [https://www.torproject.org/docs/debian here]. Note that the instructions require port 11371 on your firewall to be open to use the gpg keyserver (and download the key for the debian package). Then see the [http://www.torproject.org/docs/tor-doc-unix.html Tor installation guide] for details. In general:
sudo apt-get install tor

* Tor can be run in its default configuration from the command-line (or from a menu item with the "Advanced -> Run in terminal" box ticked):
tor

:A separate menu item can be created to reliably shut down Tor:
sudo killall tor

* By default Tor listens for Socks5 traffic on port 9050. (Socks5 proxies are able to tunnel both UDP and HTTP traffic through them.) In general, applications (including other daisy-chained proxies) should be configured to use Tor as a Socks5 proxy on port 9050.

* I don't like Tor to automatically start at boot, so I edit the /etc/tor/torrc configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):
sudo kate /etc/tor/torrc

:and change the line so it looks like:
#RunAsDaemon 1
RunAsDaemon 0

:then restart Tor:
sudo /etc/init.d/tor restart

== Using Tor with Firefox ==
[[File:Prefapp1.png|18 px]] Tor acts as a [https://en.wikipedia.org/wiki/SOCKS Socks5 proxy] on port 9050. Recent versions of Firefox allow direction of all traffic, including DNS resolution, through a Socks5 proxy. To enable this behaviour (after starting and running a previously installed version of Tor):
:Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> Manual proxy configuration (''ticked'') -> SOCKS Host: ''127.0.0.1'' (or ''localhost'') -> Port: ''9050'' -> SOCKSv5 (''ticked'') -> No Proxy for: ''127.0.0.1'' (or ''localhost'')
* To return to using Firefox without a proxy (such as Tor), choose "No proxy" in the Firefox Network settings:
:Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> No proxy (''ticked'')

== Tor Browser Bundle ==
The [https://www.torproject.org/projects/torbrowser.html Tor Browser Bundle] (Tor, Vidalia GUI, a modified version of Firefox, and Torbutton) provides greater functionality and security than the stock Firefox version with the standalone Torbutton. Install from [https://www.torproject.org/projects/torbrowser.html here] the version for your language and unpack it. For example:
wget <nowiki>https://www.torproject.org/dist/torbrowser/linux/</nowiki>tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz
tar -xvzf tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz

Then change to the extracted directory and start the Tor Browser Bundle:
cd tor-browser_en-US
./start-tor-browser

A menu item can also be created with the command to start it.

=== Torbutton (Firefox plug-in) ===
Once the [[#Tor_Browser_Bundle|Tor Browser Bundle]] is installed and Tor is running properly, [https://www.torproject.org/torbutton/ Torbutton] allows you to choose whether to use Firefox through the Tor anonymizing network or not. Updates to Torbutton can be installed using the .xpi extension found directly from the [https://www.torproject.org/torbutton/ website].

* As of 2012, Torbutton only works with modified versions of Firefox found in the Tor Project's [https://www.torproject.org/projects/torbrowser.html Tor Browser Bundle] (Tor, Vidalia GUI, a modified version of Firefox, and Torbutton) or with some older (non-updated) versions of Firefox.

* Newer versions of Firefox may refuse to start when Torbutton is installed. If this occurs, Firefox must be started in safe mode:
firefox -safe-mode

:Be sure to select "Start in Safe Mode" instead of "Reset Firefox" (unless you want to erase all your configuration settings and erase all your extensions/add-ons/plug-ins). Once in Safe Mode, the Torbutton extension can be disabled or removed (Firefox -> Tools -> Add-ons -> Extensions -> Torbutton -> Remove) and Firefox set to use "No proxy" in the Firefox Network settings:
::Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> No proxy (''ticked'')

* The standalone Torbutton add-on for Firefox disables many functions of Firefox (when used with older unmodified versions of Firefox), such as the Drag and Drop function. It must therefore be disabled (Firefox -> Tools -> Add-ons -> Extensions -> Torbutton -> Disable) while using many of these Firefox functions.

== Using Konversation with Tor ==
[[Kubuntu_Precise_Internet#Konversation_.28IRC_client.29|Konversation]] is an Internet Relay Chat client similar to [[MIRC|mIRC]]. Unfortunately, your IP address is easily determined while using an IRC client. Konversation directly allows the use of a Socks proxy, however. If running Tor on port 9050, configure Konversation to use the Socks5 proxy on port 9050:
:Konversation -> Settings -> Configure Konversation... -> Behavior: Connection -> Proxy (''ticked'') -> Type: ''Socks v5'' -> Address: ''127.0.0.1'' (or ''localhost'') -> Port: ''9050''

== Using proxies with Tor ==
=== usewithtor ===
* If you installed a recent version of Tor from the repositories, you will have installed the "[http://code.google.com/p/torsocks/ usewithtor]" package. A number of applications can be automatically redirected to the Torsocks proxy ([http://code.google.com/p/torsocks/ torsocks]) with this utility:
usewithtor ''myapplication''

A menu item with such a command can then be created.

* By using torsocks, usewithtor will also block an application from sending UDP traffic (which is not anonymized by the Tor network).

* Applications that you wish to "usewithtor" (with torsocks) or "torify" (with tsocks) should use port 8118 for the http proxy port and port 9050 for the socks port.

=== torify ===
* Another method is to "[https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO torify]" an application with a different tor socks proxy ([http://tsocks.sourceforge.net/ tsocks]) if tsocks has been configured (edit /etc/tor/tor-tsocks.conf).
torify ''myapplication''

* tsocks does not explictly block UDP traffic, so if it is desirable to allow UDP traffic while anonymizing fttp traffic, use this method.

=== Privoxy ===
* I use the Privoxy proxy to tunnel http traffic through Tor. Install the Privoxy http proxy:
sudo apt-get install privoxy

* Applications can be set to send their http traffic to Privoxy over port 8118; Privoxy will then in turn forward the http traffic to Tor over port 9050. (Use an IP address other than ''127.0.0.1'' if Privoxy and/or Tor are not on the local machine. Use ''localhost'' instead of ''127.0.0.1'' if using IPv6 addressing on your systems).

Note: For some older versions of Privoxy, users have reported better success designating the address of the host computer as ''127.0.0.1'' instead of ''localhost'' in the configuration settings.

* Edit configuration files.
:* In the configuration file Privoxy is configured by default to listen on port ''127.0.0.1'':8118. See [[#Firewall_considerations|Firewall considerations]]. Edit the Privoxy configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):
sudo kate /etc/privoxy/config
::Add the lines
forward-socks5 / ''127.0.0.1'':9050 .
forward-socks4a / ''127.0.0.1'':9050 .

Note: socks5 allows more authentication choices, UDP for external DNS resolution, and accommodates IPv6. (By including both lines, socks4a is used as a fallback if a program does not support socks5.)

:*Restart Privoxy:
sudo /etc/init.d/privoxy restart

=== Other proxies ===
Other proxies such as [http://www.dest-unreach.org/socat/doc/socat.html socat], [http://www.pps.jussieu.fr/~jch/software/polipo/ Polipo] can also be used with Tor instead or Privoxy. [http://www.squid-cache.org/ Squid] can also be daisy-chained to one of the proxies.

=== Ensuring applications use the proxy ===
* See [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc#UnixandLinuxConfiguration this advice]. (Note: this is labeled as "old advice.") In (K)Ubuntu, the bash configuration files are at ~/.profile (i.e. /home/''user''/.profile) for the current user or at /etc/profile for system-wide usage. Using this advice, edit one of those two files and add the lines at the end of the file:
http_proxy=<nowiki>http://127.0.0.1:8118/</nowiki>
HTTP_PROXY=$http_proxy
export http_proxy HTTP_PROXY

==== Using specific applications with Tor ====
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers Web Browsers]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail E-mail]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc IRC/SILC]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/TorifyHOWTO/FTP FTP]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc Misc]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/InstantMessaging Instant Messaging]
:* Torchat can be used for IM through Tor. Install:
sudo apt-get install torchat

* Other applications may allow for the http proxy and the chainloaded socks services of Tor to be used independently (in parallel). Once Tor (and the relevant proxy or proxies) are running, the http proxy ''127.0.0.1'':8118 and the socks proxy ''127.0.0.1'':9050 can be specified in the configuration settings of an application that allows for this.

== Tor GUIs ==
* It is not necessary to use a GUI with Tor.

* If you will use Tor with a GUI interface (such as Vidalia or TorK), however, edit the Tor configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):

sudo kate /etc/tor/torrc

:* Add the line so that the GUI interface can control Tor over port 9051:
ControlPort 9051

:Note: There is some concern that allowing control of Tor over port 9051 is not secure. If you will not be using a GUI, this step is not advised.

=== Vidalia (Tor interface) ===
[https://www.torproject.org/projects/vidalia.html Vidalia] is the recommended Qt4-based GUI frontend for Tor. If not installed with Tor, install:
sudo apt-get install vidalia

=== Tork (KDE Tor interface) ===
[http://sourceforge.net/projects/tork/ TorK] is a KDE interface for Tor that relied on the older Qt3 platform. It is no longer included in the (K)Ubuntu repositories (as of Natty 11.04). However, if desired it can still be installed (along with the required older Qt3 libraries) by adding the [http://packages.ubuntu.com/maverick/amd64/tork/download Maverick repository] (directly or using a package manager):
deb <nowiki>http://ubuntu.mirror.cambrium.nl/ubuntu/</nowiki> maverick main universe

* Installing TorK also will install privoxy and unless you have also added the Tor repository directly, will also install an older version of Tor from the Ubuntu universe repositories. See [http://ubuntuforums.org/archive/index.php/t-800115.html these installation tips]. Install:
sudo apt-get install tork privoxy

* Run TorK (K menu -> Internet -> TorK Anonymity Manager) for the first time using the First Run Wizard (TorK -> Tools -> First Run Wizard).
::"No, tor is going to run on this PC" then "I have to start Tor manually" then "Run A Tor client with default settings" then "I want to use Privoxy..." then "Privoxy starts in the background when my computer boots up" then go through the remaining options.
::I then start ("Play") TorK as a Client. I happen to like Konqueror for Anonymous browsing, since it worked the first time for me without a problem. I keep Firefox for non-Tor browsing (so I don't have to change any of its settings) or install Torbutton (see below). You may have to fiddle with your Network proxy settings in Konqueror or Firefox (if things don't work the way you expect them to).
* Allow the [[Ubuntu:All#Firewall|Firewall]] (like Firestarter) to allow ports 8118, 9050, 9051, or just turn off the firewall completely, until everything is working. Then turn the firewall back on. (You should monitor your firewall carefully. TorK has settings to automatically turn it off, if you aren't careful.) No ports are required to be left open in the firewall for Tor to work, as all traffic will be directed through the socks port 9050 (which avoids the firewall).
* Applications that you wish to "torify" (with tsocks) or "usewithtor" (with torsocks) should use port 8118 (i.e. 127.0.0.1:8118) for the http proxy and port 9050 (127.0.0.1:9050) for the socks port.

* Once configured as a client successfully, if you have the bandwidth and a stable environment please enable the client/relay mode and/or server mode so that the Tor bandwidth is increased.

* Note: Tork constantly monitors the network (both Tor and non-Tor traffic). This can cause slowing of the Tor traffic from your computer and even cause intermittent interruptions. (Tor runs in the background and does not require Tork to be running as a control module.) If Tor is running in a stable mode, it will be faster (and less problematic) to stop Tork (sudo killall tork) and allow Tor to run in the background.

* Note: Traffic that is routed through Privoxy (and then presumably to Tor from Privoxy if configured correctly) will be logged as "non-Tor" traffic by Tork. As long as Privoxy is working correctly, however, this traffic is being forwarded through the Tor socket.

* Tork does not start Privoxy properly. Privoxy must be started (prior to starting Tork) as a startup program (e.g. using the [[Kubuntu_Precise_System_Administration#Manage_Bootup.2FStartup_services|Bootup-Manager]]) or manually with the command:
sudo /etc/init.d/privoxy start

==== Prevent autostart of proxies and Tor ====
* Whenever I stopped the TorK GUI and then later wanted to start it again, I had to manually kill the Privoxy and Tor processes first.
sudo killall privoxy
sudo killall tor

* Further, Tor, Privoxy, and Polipo install themselves as automatically started services at bootup. Preventing automatic startup (at boot) of Tor and Privoxy (and/or Polipo) can be accomplished by one of the methods in this [http://ubuntuforums.org/showthread.php?t=1277224 Ubuntu Forums thread]. Personally, I like using [[Ubuntu_Precise_Tips#Choose_Bootup.2FStartup_services|Bootup-Manager]]:
sudo apt-get install bum

:but another option is:
sudo update-rc.d tor disable
sudo update-rc.d privoxy disable
sudo update-rc.d polipo disable

which will also stop updates from re-installing the applications as startup services when updates are made.

* If Privoxy is stopped, it must be re-started with the [[Ubuntu_Precise_Tips#Choose_Bootup.2FStartup_services|Bootup-Manager]] or using the command:
sudo /etc/init.d/privoxy start

== Firewall considerations ==
=== Single computer ===
If you have the Tor client, the proxy client (Privoxy, Polipo, or socat), and the browser client (or other application) on the same computer, you do not need to have any open ports in order to use Tor. In such a circumstance it is safest to block all ports that connect to the Internet. The socks proxy bypasses the firewall entirely (so there is no need to leave any ports open in order for it to communicate).

By closing all ports (using a firewall), applications will be prevented from bypassing Tor (accidentally or unknowingly). Later, if you wish to have some of your traffic directed through Tor and some of your traffic traffic routed outside of Tor, you can open the ports for the traffic that will not go through Tor.

=== Proxy on LAN ===
If the proxy (Privoxy, Polipo, socat, etc.) on your LAN is on a computer different from the computer(s) that have the end-user client applications, it is best to open the port (e.g. 8118) for communication only between computers on the LAN (with the end-application clients on them) and the computer on the LAN with the proxy on it. Port 8118 should then not be open to the Internet but only to the computers on the LAN that will use the proxy.

If the Proxy and Tor client are on different computers as well, port 9050 should be open (on the LAN, not on the Internet) between the computer with the Proxy and the computer with the Tor client only, so that the Proxy can forward traffic to the Tor client (but not to the Internet). (Obviously, if the Proxy and the Tor client are on the same computer, there is no need to open the 9050 port at all.)

=== Blocking all non-Tor traffic using iptables ===
To ensure that no unprotected traffic "leaks" from applications without your knowledge, it is possible to configure your firewall iptables to prevent all traffic except that which is transmitted through Tor.
* See [https://trac.torproject.org/projects/tor/wiki/doc/BlockNonTorTrafficDebian this page].

=== Tor network initialization ===
It may be necessary to open port 443 (or less desirably port 80) to allow resolution of the nodes of the Tor network. Consider using [[Ubuntu:All#DNS_Servers_and_Search_engines|DNS privacy methods]].

== Troubleshooting ==
*Some routers (including a certain version of the Linksys WRT54G) slow down when the incoming/outgoing connection log (cache) becomes full (which can happen with many Tor or P2P connections). Disable the Log if this problem occurs.

* Although applicable to p2p traffic, [http://ktorrent.org/wiki/index.php/FAQ#Problem_solving this information] is generically applicable to Tor as well.

== Other resources ==
* [http://www.torproject.org/docs/documentation.html Tor documentation]
* [https://www.torproject.org/projects/obfsproxy.html.en Obfsproxy] is a proxy to transform data between a client and a Bridge node into innocent looking data, in order to circumvent Deep Packet Inspection (DPI) censorship.
* [[Anonymous_email|Anonymous email]] tips -- setting up web-based email anonymously through the Tor network

* [http://www.cypherpunk.at/onioncat/ OnionCat] transmits IP-based data transparently through the Tor network on a location hidden basis. (Also see [http://www.abenteuerland.at/onioncat/ this info]).

Similar networks:

* [http://www.i2p2.de I2P] is another anonymizing network similar to Tor. (See [http://www.i2p2.de/debian instructions] and [https://help.ubuntu.com/community/I2P Ubuntu community help].)
* [http://freenetproject.org/ Freenet] is another anonymizing network similar to Tor.
* [https://gnunet.org/ Gnunet] is another anonymizing network similar to Tor.
* [https://secure.wikimedia.org/wikipedia/en/wiki/Anonymous_P2P#List_of_anonymous_P2P_networks_and_clients List of similar networks at Wikipedia]

Template:Tor

Perspectoff — Sat, 15 Jun 2013 16:39:44 GMT

Perspectoff: /* Tork (KDE Tor interface) */

= Tor =
[http://www.torproject.org/ Tor] is a project to allow privacy while using the Internet and to limit usage tracking. It routes your traffic through several anonymous nodes, so that your usage appears to come from an IP other than your own. (There are always risks when using the Internet that even Tor can not help with, though. Read [http://www.torproject.org/download.html.en#Warning this].) Using Tor can slow down your Internet usage significantly, depending on how much traffic is being passed through the Tor network (routine file-sharing or large downloads will also significantly reduce performance of the Tor network.)

* Tor network speed improves when there are more [https://www.torproject.org/getinvolved/volunteer.html.en volunteers] to run [https://www.torproject.org/docs/tor-doc-relay.html.en relays] (and relays have better anonymity), bridges, and exit nodes. Please consider being a relay or bridge node if your ISP does not filter Tor and you have good bandwidth. Additonally please consider configuring your relay as an [https://www.torproject.org/docs/faq.html.en#ExitPolicies exit node] (if you are in a favorable network and don't mind a little bit of potential [https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment hassle] for being an exit node).

== Install Tor (Network privacy) ==
* Install Tor by following the instructions [https://www.torproject.org/docs/debian here]. Note that the instructions require port 11371 on your firewall to be open to use the gpg keyserver (and download the key for the debian package). Then see the [http://www.torproject.org/docs/tor-doc-unix.html Tor installation guide] for details. In general:
sudo apt-get install tor

* Tor can be run in its default configuration from the command-line (or from a menu item with the "Advanced -> Run in terminal" box ticked):
tor

:A separate menu item can be created to reliably shut down Tor:
sudo killall tor

* By default Tor listens for Socks5 traffic on port 9050. (Socks5 proxies are able to tunnel both UDP and HTTP traffic through them.) In general, applications (including other daisy-chained proxies) should be configured to use Tor as a Socks5 proxy on port 9050.

* I don't like Tor to automatically start at boot, so I edit the /etc/tor/torrc configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):
sudo kate /etc/tor/torrc

:and change the line so it looks like:
#RunAsDaemon 1
RunAsDaemon 0

:then restart Tor:
sudo /etc/init.d/tor restart

== Using Tor with Firefox ==
[[File:Prefapp1.png|18 px]] Tor acts as a [https://en.wikipedia.org/wiki/SOCKS Socks5 proxy] on port 9050. Recent versions of Firefox allow direction of all traffic, including DNS resolution, through a Socks5 proxy. To enable this behaviour (after starting and running a previously installed version of Tor):
:Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> Manual proxy configuration (''ticked'') -> SOCKS Host: ''127.0.0.1'' (or ''localhost'') -> Port: ''9050'' -> SOCKSv5 (''ticked'') -> No Proxy for: ''127.0.0.1'' (or ''localhost'')
* To return to using Firefox without a proxy (such as Tor), choose "No proxy" in the Firefox Network settings:
:Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> No proxy (''ticked'')

== Tor Browser Bundle ==
The [https://www.torproject.org/projects/torbrowser.html Tor Browser Bundle] (Tor, Vidalia GUI, a modified version of Firefox, and Torbutton) provides greater functionality and security than the stock Firefox version with the standalone Torbutton. Install from [https://www.torproject.org/projects/torbrowser.html here] the version for your language and unpack it. For example:
wget <nowiki>https://www.torproject.org/dist/torbrowser/linux/</nowiki>tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz
tar -xvzf tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz

Then change to the extracted directory and start the Tor Browser Bundle:
cd tor-browser_en-US
./start-tor-browser

A menu item can also be created with the command to start it.

=== Torbutton (Firefox plug-in) ===
Once the [[#Tor_Browser_Bundle|Tor Browser Bundle]] is installed and Tor is running properly, [https://www.torproject.org/torbutton/ Torbutton] allows you to choose whether to use Firefox through the Tor anonymizing network or not. Updates to Torbutton can be installed using the .xpi extension found directly from the [https://www.torproject.org/torbutton/ website].

* As of 2012, Torbutton only works with modified versions of Firefox found in the Tor Project's [https://www.torproject.org/projects/torbrowser.html Tor Browser Bundle] (Tor, Vidalia GUI, a modified version of Firefox, and Torbutton) or with some older (non-updated) versions of Firefox.

* Newer versions of Firefox may refuse to start when Torbutton is installed. If this occurs, Firefox must be started in safe mode:
firefox -safe-mode

:Be sure to select "Start in Safe Mode" instead of "Reset Firefox" (unless you want to erase all your configuration settings and erase all your extensions/add-ons/plug-ins). Once in Safe Mode, the Torbutton extension can be disabled or removed (Firefox -> Tools -> Add-ons -> Extensions -> Torbutton -> Remove) and Firefox set to use "No proxy" in the Firefox Network settings:
::Firefox -> Edit -> Preferences -> Advanced -> Network -> Connection:Settings -> No proxy (''ticked'')

* The standalone Torbutton add-on for Firefox disables many functions of Firefox (when used with older unmodified versions of Firefox), such as the Drag and Drop function. It must therefore be disabled (Firefox -> Tools -> Add-ons -> Extensions -> Torbutton -> Disable) while using many of these Firefox functions.

== Using Konversation with Tor ==
[[Kubuntu_Precise_Internet#Konversation_.28IRC_client.29|Konversation]] is an Internet Relay Chat client similar to [[MIRC|mIRC]]. Unfortunately, your IP address is easily determined while using an IRC client. Konversation directly allows the use of a Socks proxy, however. If running Tor on port 9050, configure Konversation to use the Socks5 proxy on port 9050:
:Konversation -> Settings -> Configure Konversation... -> Behavior: Connection -> Proxy (''ticked'') -> Type: ''Socks v5'' -> Address: ''127.0.0.1'' (or ''localhost'') -> Port: ''9050''

== Using proxies with Tor ==
=== usewithtor ===
* If you installed a recent version of Tor from the repositories, you will have installed the "[http://code.google.com/p/torsocks/ usewithtor]" package. A number of applications can be automatically redirected to the Torsocks proxy ([http://code.google.com/p/torsocks/ torsocks]) with this utility:
usewithtor ''myapplication''

A menu item with such a command can then be created.

* By using torsocks, usewithtor will also block an application from sending UDP traffic (which is not anonymized by the Tor network).

* Applications that you wish to "usewithtor" (with torsocks) or "torify" (with tsocks) should use port 8118 for the http proxy port and port 9050 for the socks port.

=== torify ===
* Another method is to "[https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO torify]" an application with a different tor socks proxy ([http://tsocks.sourceforge.net/ tsocks]) if tsocks has been configured (edit /etc/tor/tor-tsocks.conf).
torify ''myapplication''

* tsocks does not explictly block UDP traffic, so if it is desirable to allow UDP traffic while anonymizing fttp traffic, use this method.

=== Privoxy ===
* I use the Privoxy proxy to tunnel http traffic through Tor. Install the Privoxy http proxy:
sudo apt-get install privoxy

* Applications can be set to send their http traffic to Privoxy over port 8118; Privoxy will then in turn forward the http traffic to Tor over port 9050. (Use an IP address other than ''127.0.0.1'' if Privoxy and/or Tor are not on the local machine. Use ''localhost'' instead of ''127.0.0.1'' if using IPv6 addressing on your systems).

Note: For some older versions of Privoxy, users have reported better success designating the address of the host computer as ''127.0.0.1'' instead of ''localhost'' in the configuration settings.

* Edit configuration files.
:* In the configuration file Privoxy is configured by default to listen on port ''127.0.0.1'':8118. See [[#Firewall_considerations|Firewall considerations]]. Edit the Privoxy configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):
sudo kate /etc/privoxy/config
::Add the lines
forward-socks5 / ''127.0.0.1'':9050 .
forward-socks4a / ''127.0.0.1'':9050 .

Note: socks5 allows more authentication choices, UDP for external DNS resolution, and accommodates IPv6. (By including both lines, socks4a is used as a fallback if a program does not support socks5.)

:*Restart Privoxy:
sudo /etc/init.d/privoxy restart

=== Other proxies ===
Other proxies such as [http://www.dest-unreach.org/socat/doc/socat.html socat], [http://www.pps.jussieu.fr/~jch/software/polipo/ Polipo] can also be used with Tor instead or Privoxy. [http://www.squid-cache.org/ Squid] can also be daisy-chained to one of the proxies.

=== Ensuring applications use the proxy ===
* See [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc#UnixandLinuxConfiguration this advice]. (Note: this is labeled as "old advice.") In (K)Ubuntu, the bash configuration files are at ~/.profile (i.e. /home/''user''/.profile) for the current user or at /etc/profile for system-wide usage. Using this advice, edit one of those two files and add the lines at the end of the file:
http_proxy=<nowiki>http://127.0.0.1:8118/</nowiki>
HTTP_PROXY=$http_proxy
export http_proxy HTTP_PROXY

==== Using specific applications with Tor ====
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers Web Browsers]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail E-mail]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc IRC/SILC]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/TorifyHOWTO/FTP FTP]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc Misc]
* [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/InstantMessaging Instant Messaging]
:* Torchat can be used for IM through Tor. Install:
sudo apt-get install torchat

* Other applications may allow for the http proxy and the chainloaded socks services of Tor to be used independently (in parallel). Once Tor (and the relevant proxy or proxies) are running, the http proxy ''127.0.0.1'':8118 and the socks proxy ''127.0.0.1'':9050 can be specified in the configuration settings of an application that allows for this.

== Tor GUIs ==
* It is not necessary to use a GUI with Tor.

* If you will use Tor with a GUI interface (such as Vidalia or TorK), however, edit the Tor configuration file (use the ''gedit'' text editor instead of ''kate'' if using Ubuntu instead of Kubuntu):

sudo kate /etc/tor/torrc

:* Add the line so that the GUI interface can control Tor over port 9051:
ControlPort 9051

:Note: There is some concern that allowing control of Tor over port 9051 is not secure. If you will not be using a GUI, this step is not advised.

=== Vidalia (Tor interface) ===
[https://www.torproject.org/projects/vidalia.html Vidalia] is the recommended Qt4-based GUI frontend for Tor. If not installed with Tor, install:
sudo apt-get install vidalia

=== Tork (KDE Tor interface) ===
[http://sourceforge.net/projects/tork/ TorK] is a KDE interface for Tor that relied on the older Qt3 platform. It is no longer included in the (K)Ubuntu repositories (as of Natty 11.04). However, if desired it can still be installed (along with the required older Qt3 libraries) by adding the [http://packages.ubuntu.com/maverick/amd64/tork/download Maverick repository] (directly or using a package manager):
deb <nowiki>http://ubuntu.mirror.cambrium.nl/ubuntu/</nowiki> maverick main universe

* Installing TorK also will install privoxy and unless you have also added the Tor repository directly, will also install an older version of Tor from the Ubuntu universe repositories. See [http://ubuntuforums.org/archive/index.php/t-800115.html these installation tips]. Install:
sudo apt-get install tork privoxy

* Run TorK (K menu -> Internet -> TorK Anonymity Manager) for the first time using the First Run Wizard (TorK -> Tools -> First Run Wizard).
::"No, tor is going to run on this PC" then "I have to start Tor manually" then "Run A Tor client with default settings" then "I want to use Privoxy..." then "Privoxy starts in the background when my computer boots up" then go through the remaining options.
::I then start ("Play") TorK as a Client. I happen to like Konqueror for Anonymous browsing, since it worked the first time for me without a problem. I keep Firefox for non-Tor browsing (so I don't have to change any of its settings) or install Torbutton (see below). You may have to fiddle with your Network proxy settings in Konqueror or Firefox (if things don't work the way you expect them to).
* Allow the [[Ubuntu:All#Firewall|Firewall]] (like Firestarter) to allow ports 8118, 9050, 9051, or just turn off the firewall completely, until everything is working. Then turn the firewall back on. (You should monitor your firewall carefully. TorK has settings to automatically turn it off, if you aren't careful.) No ports are required to be left open in the firewall for Tor to work, as all traffic will be directed through the socks port 9050 (which avoids the firewall).
* Applications that you wish to "torify" (with tsocks) or "usewithtor" (with torsocks) should use port 8118 (i.e. 127.0.0.1:8118) for the http proxy and port 9050 (127.0.0.1:9050) for the socks port.

* Once configured as a client successfully, if you have the bandwidth and a stable environment please enable the client/relay mode and/or server mode so that the Tor bandwidth is increased.

* Note: Tork constantly monitors the network (both Tor and non-Tor traffic). This can cause slowing of the Tor traffic from your computer and even cause intermittent interruptions. (Tor runs in the background and does not require Tork to be running as a control module.) If Tor is running in a stable mode, it will be faster (and less problematic) to stop Tork (sudo killall tork) and allow Tor to run in the background.

* Note: Traffic that is routed through Privoxy (and then presumably to Tor from Privoxy if configured correctly) will be logged as "non-Tor" traffic by Tork. As long as Privoxy is working correctly, however, this traffic is being forwarded through the Tor socket.

* Tork does not start Privoxy properly. Privoxy must be started (prior to starting Tork) as a startup program (e.g. using the [[Kubuntu_Precise_System_Administration#Manage_Bootup.2FStartup_services|Bootup-Manager]]) or manually with the command:
sudo /etc/init.d/privoxy start

==== Prevent autostart of proxies and Tor ====
* Whenever I stopped the TorK GUI and then later wanted to start it again, I had to manually kill the Privoxy and Tor processes first.
sudo killall privoxy
sudo killall tor

* Further, Tor, Privoxy, and Polipo install themselves as automatically started services at bootup. Preventing automatic startup (at boot) of Tor and Privoxy (and/or Polipo) can be accomplished by one of the methods in this [http://ubuntuforums.org/showthread.php?t=1277224 Ubuntu Forums thread]. Personally, I like using [[Ubuntu:All#Choose_Bootup.2FStartup_services|Bootup-Manager]]:
sudo apt-get install bum

:but another option is:
sudo update-rc.d tor disable
sudo update-rc.d privoxy disable
sudo update-rc.d polipo disable

which will also stop updates from re-installing the applications as startup services when updates are made.

* If Privoxy is stopped, it must be re-started with the [[Ubuntu:All#Choose_Bootup.2FStartup_services|Bootup-Manager]] or using the command:
sudo /etc/init.d/privoxy start

== Firewall considerations ==
=== Single computer ===
If you have the Tor client, the proxy client (Privoxy, Polipo, or socat), and the browser client (or other application) on the same computer, you do not need to have any open ports in order to use Tor. In such a circumstance it is safest to block all ports that connect to the Internet. The socks proxy bypasses the firewall entirely (so there is no need to leave any ports open in order for it to communicate).

By closing all ports (using a firewall), applications will be prevented from bypassing Tor (accidentally or unknowingly). Later, if you wish to have some of your traffic directed through Tor and some of your traffic traffic routed outside of Tor, you can open the ports for the traffic that will not go through Tor.

=== Proxy on LAN ===
If the proxy (Privoxy, Polipo, socat, etc.) on your LAN is on a computer different from the computer(s) that have the end-user client applications, it is best to open the port (e.g. 8118) for communication only between computers on the LAN (with the end-application clients on them) and the computer on the LAN with the proxy on it. Port 8118 should then not be open to the Internet but only to the computers on the LAN that will use the proxy.

If the Proxy and Tor client are on different computers as well, port 9050 should be open (on the LAN, not on the Internet) between the computer with the Proxy and the computer with the Tor client only, so that the Proxy can forward traffic to the Tor client (but not to the Internet). (Obviously, if the Proxy and the Tor client are on the same computer, there is no need to open the 9050 port at all.)

=== Blocking all non-Tor traffic using iptables ===
To ensure that no unprotected traffic "leaks" from applications without your knowledge, it is possible to configure your firewall iptables to prevent all traffic except that which is transmitted through Tor.
* See [https://trac.torproject.org/projects/tor/wiki/doc/BlockNonTorTrafficDebian this page].

=== Tor network initialization ===
It may be necessary to open port 443 (or less desirably port 80) to allow resolution of the nodes of the Tor network. Consider using [[Ubuntu:All#DNS_Servers_and_Search_engines|DNS privacy methods]].

== Troubleshooting ==
*Some routers (including a certain version of the Linksys WRT54G) slow down when the incoming/outgoing connection log (cache) becomes full (which can happen with many Tor or P2P connections). Disable the Log if this problem occurs.

* Although applicable to p2p traffic, [http://ktorrent.org/wiki/index.php/FAQ#Problem_solving this information] is generically applicable to Tor as well.

== Other resources ==
* [http://www.torproject.org/docs/documentation.html Tor documentation]
* [https://www.torproject.org/projects/obfsproxy.html.en Obfsproxy] is a proxy to transform data between a client and a Bridge node into innocent looking data, in order to circumvent Deep Packet Inspection (DPI) censorship.
* [[Anonymous_email|Anonymous email]] tips -- setting up web-based email anonymously through the Tor network

* [http://www.cypherpunk.at/onioncat/ OnionCat] transmits IP-based data transparently through the Tor network on a location hidden basis. (Also see [http://www.abenteuerland.at/onioncat/ this info]).

Similar networks:

* [http://www.i2p2.de I2P] is another anonymizing network similar to Tor. (See [http://www.i2p2.de/debian instructions] and [https://help.ubuntu.com/community/I2P Ubuntu community help].)
* [http://freenetproject.org/ Freenet] is another anonymizing network similar to Tor.
* [https://gnunet.org/ Gnunet] is another anonymizing network similar to Tor.
* [https://secure.wikimedia.org/wikipedia/en/wiki/Anonymous_P2P#List_of_anonymous_P2P_networks_and_clients List of similar networks at Wikipedia]

Current events

Perspectoff — Sat, 15 Jun 2013 16:15:33 GMT

Perspectoff:

[[File:Soup_tux.png]]

::::Soup's on!

:Bring your recipe, spices, and a few

:favorite ingredients and there will be

:::enough for everyone!

<br>
-----------------------------------------------------------------------
<br>
::::<nowiki><</nowiki>''April 2013''<nowiki>></nowiki><br>
With the release of Raring Ringtail in April 2013, I am finding changes<br>
to both Ubuntu and Kubuntu too fast and too numerous to catalogue. Many<br>
of the changes I do not use and the "Web 3.0" philosophy of a pop-up for<br>
every screen has brought some of the greatest security risks to Internet<br>
use (due to the excessive scripting), IMO. For this reason I am very slow<br>
to use any (K)Ubuntu version later than Precise Pangolin 12.04 LTS, and the<br>
contents of this guide may fail to reflect the changes (especially in the<br>
Ubuntu sections) of the current versions for that reason. If you are a user<br>
of Quantal, Raring, or later versions, please add your knowledge to the wiki,<br>
as most of the current information has stalled, somewhat, at Precise.<br>
<br>

-----------------------------------------------------------------------

<br>
:::::<nowiki><</nowiki>''May 2012''<nowiki>></nowiki><br>
(K)Ubuntu 12.04 LTS Precise Pangolin is here and will be supported for<br>
5 years! I have now installed Kubuntu on multiple machines and they are<br>
now all are working and very stable. I needed the usual battery of tweaks<br>
and workarounds, with two new obstacles appearing (one in Grub2 and the<br>
other in the Dolphin file manager). See my [[Precise_Review|full review here]].<br>
<br>
I am now starting to evaluate the new Ubuntu Unity. IMO Ubuntu Unity has<br>
always been less powerful than Kubuntu's KDE, and it takes more memory<br>
to run. Still, Canonical owns the Unity interface, so they market it more <br>
aggressively, and [http://www.phoronix.com/scan.php?page=news_item&px=MTA5ODM project] a large installation base on consumer devices<br>
this year.

<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Feb 2012''<nowiki>></nowiki><br>
This month the lead developer of Kubuntu announced that Canonical will<br>
no longer fund Kubuntu as a standalone distribution (and will merely<br>
allow KDE packages to be available in the repositories as add-ons).<br>
This allows Canonical to focus on its own Unity user interface desktop<br>
in its bid to deploy a commercially successful platform on new hardware.<br>
<br>
In the past year the Mint distribution (which customises its own user<br>
interfaces) started the move from Ubuntu to Debian (especially for its<br>
KDE versions). Will other users now switch from Ubuntu to Debian,<br>
merely [http://wiki.debian.org/KDE adding the KDE desktop] to it? Debian has had a reputation for<br>
being rock-solid and stable and Debian-based servers are now (as of<br>
Jan 2012) [http://w3techs.com/technologies/history_details/os-linux the most deployed type of Linux server] worldwide<br>
(and [http://w3techs.com/technologies/overview/operating_system/all Linux/Unix servers account for > 64% of all websites]).<br>
Some Ubuntu advocates claim that Debian does not always<br>
use the most cutting-edge software versions (for better or worse)<br>
but other comparisons suggest a more reliable upgrade mechanism<br>
for Debian (probably due to the very nature of their conservative<br>
package choices). Will some users alternatively perhaps try<br>
OpenSuse (touted by some as the best KDE-oriented distro)? Maybe,<br>
but some OpenSuse packages (KTorrent, for example) have a reputation<br>
for restrictions based on commercial, licensing, and other legal<br>
considerations and have been eschewed by some for this reason.<br>
<br>
I have always maintained a Debian partition and will see how<br>
closely I can replicate Kubuntu using [http://wiki.debian.org/KDE Debian and a KDE desktop].<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Feb 2012''<nowiki>></nowiki><br>
Ok, I've finally joined the tablet craze. Everyone in my family now has<br>
tablets. We have low-end tablets/eBook readers without camera, mic, or<br>
Bluetooth connectivity (and therefore no wireless keyboard) and also<br>
without the ability to add devices like USB CD drives / USB hard drives.<br>
<br>
Having such a tablet creates new challenges and a greater need for<br>
servers, especially file servers (such as [[FTP_tips|FTP]]). Fortunately, this is<br>
where both (K)Ubuntu and Debian excel. Debian-based servers are now<br>
(as of Jan 2012) [http://w3techs.com/technologies/history_details/os-linux the most deployed type of Linux server] worldwide<br>
(and server functionality is built into the desktop versions of<br>
both Debian and (K)Ubuntu).<br>
<br>
To accommodate the displays and functionalities of the tablets, I have<br>
revised the appearance of (K)Ubuntuguide for easier navigation,<br>
faster loading, and flexibility of presentation: in icon-based<br>
tablet/netbook style, in full-page text style (the original format),<br>
and in eBook style (.epub format).<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Jan 2012''<nowiki>></nowiki><br>
This month I merged UbuntuGuide and KubuntuGuide on the<br>
University of Latvia server. I had been maintaining both separately<br>
since 2007, mostly because I did not have access to the Univ. of<br>
Latvia server files until recently (I had had KubuntuGuide hosted<br>
on my own servers for some time). Thanks to Krampo for giving<br>
me access.<br>
<br>
There are some problems with the Univ. of Latvia servers, of course<br>
(which I did not have on my servers). Their caching proxy configuration<br>
is quirky and has caused [[Help:Contents|frustration]] for the contributors to this<br>
wiki for some time. Nevertheless, they have 100% "up-time" and good<br>
bandwidth. Furthermore, they have registered the UbuntuGuide.org domain<br>
name for a decade and seem to be committed to the 'Guide.<br>
<br>
UbuntuGuide and KubuntuGuide share a certain amount of common<br>
content, so the merger also allows less editorial work. Further, there<br>
is cross-visibility between these two varieties of the Ubuntu OS<br>
family this way, which IMO is desirable. At the time of this writing,<br>
Kubuntu is (IMO) the more stable and flexible OS version, while the<br>
Unity version of Ubuntu is the most suitable for (eventual) deployment<br>
on tablets, which seems (to me) to be the goal (as a highly-<br>
developed alternative to Google Android). With this in mind, I will<br>
focus in the upcoming month in making (K)Ubuntuguide more suitable<br>
for viewing on both desktop/laptop and tablet/netbook screens.<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Oct 2011''<nowiki>></nowiki><br>
Spam is rampant on the Internet. Fortunately, this month<br>
Krampo has given me access to the UbuntuGuide.org wiki files,<br>
and I have now installed the anti-spam MediaWiki extensions<br>
in order to combat the endless spam that was plaguing this<br>
site (like many other websites). I have also installed a new<br>
Captcha mechanism, since the (old) Recaptcha was too-easily<br>
defeated by spammers. Please note that it is not the anti-spam<br>
mechanisms that slow/inhibit the ease of contributions; it is the<br>
caching proxy that is used by the University of Latvia servers<br>
that causes all the problems (something that is out of my control).<br>
Krampo assures me that work is underway at the Univ. of Latvia<br>
Linux Center to revise their servers (and efficiency). Please be<br>
patient.<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Nov 2007''<nowiki>></nowiki><br>
I ([[User:Perspectoff|Perspectoff]]) have taken over the maintenance and editing of<br>
Ubuntuguide due to the unreadabiliy of current content and the amount of<br>
spam that continues to appear on the wiki. As far as I can tell there is no<br>
active administrator or editor for the site, and it has fallen into disarray.<br>
I took over Kubuntuguide a few months ago, and intend in the future to make<br>
Ubuntuguide and Kubuntuguide similar in format, since they share many basic<br>
characteristics (and underlying packages).<br>
<br>

User:Perspectoff

Perspectoff — Sat, 15 Jun 2013 15:14:52 GMT

Perspectoff:

[[File:Science tux.png]]

From 2007 - 2012 I edited the English editions (grammar, spelling, and wiki appearance) of [http://ubuntuguide.org Ubuntuguide] and [http://ubuntuguide.org/wiki/Kubuntuguide Kubuntuguide], with the help of the excellent contributions by the users who added them. In 2012 I merged KubuntuGuide.org / Kubuntuguide.info with UbuntuGuide.org. During the same period I also ran a website called [http://ubuntudoctorsguild.dyndns.org Ubuntu Doctors Guild]. In early 2012 I moved several of my systems to [http://www.debian.org Debian] (with a [http://wiki.debian.org/KDE KDE desktop]) while maintaining multiple Kubuntu installations.

As of late 2012 I am only intermittently involved with the maintenance of this website.

I have been interested in distributed networks ("cloud computing") using Debian/Ubuntu/Kubuntu, especially using the Logical Volume Manager, RAID, and datacenter management tools that are useful for small and medium size businesses.

I am also an advocate for open-source (GPL-licensed) software solutions in health care, as a basis for a United States national health care system. I have served on a national standards committee regarding Health Information Technology in the US. A few years ago I created the (K)Ubuntu-derived [http://sourceforge.net/projects/ubuntu-med/ Ubuntu-Med] system (which is no longer maintained in its original form) and have now decided to focus on the [http://debian-med.alioth.debian.org/tasks/ Debian-Med] toolset instead, incorporating generic server functions into it.

== Background ==
I originally wrote software and software documentation for a large aerospace project and then for several military projects.

I was a UNIX and VMS user in the 1980s and networked two large organizations during the network protocol (TCP/IP) standardization period of the late 80s. I then made a detour to MS Windows for 10 years. Recently I have used Debian/(K)ubuntu over the past several years, on a network of triple boot systems (which includes multiple Windows-based boxes).

My home is wired using LinuxMCE (Media Center Edition) 7.10 running on Kubuntu 7.10 (Gutsy), X10 controllers, surveillance cameras and motion detectors, and distributed multimedia.

My medium-large organization (which is healthcare-related) uses Debian/Ubuntu servers with Kolab for groupware, Drupal for collaborative web content, MediaWiki as a wiki, and WorldVistA as an electronic medical record system. We have also used DAViCal as a group calendar server, with Mozilla Thunderbird/Lightning and Sunbird as clients. I have several advanced medical certifications, as well as several other degrees. I regularly collaborate with state and national governmental agencies (in the US) regarding health information technology.

I also regularly contribute to Wikipedia, especially on specialized software topics, including electronic medical records. Most of my philosophy in life comes from [[User:Buckaroo_Banzai|Buckaroo Banzai]]. I currently live and work in Northern California.

== Contact ==
My e-mail is [[File:Perpsectiveoffice_email.png|link=User:Perspectoff#Contact]].<br>
:<center> </center>
My involvement with this website is intermittent; my response time may be slow. Please contact one of the other [[Administrators]]. However, if you are having trouble making a submission to the 'guide, send it to me by email and I'll put it in for you (in a few days). I will also respond to sponsorship requests.<br>

== Wisdom ==
<bashfr />
<br>

== Until the Case is Sol-ved! ==


[[File:Clouseau270.jpg]]
<br><br>
'''Police Chief Lundallah''': He pulled himself across the floor using this wire. How else could he have avoided our radar field?<br>
'''Inspector Clouseau''': Yes, how else? Hmm. Of course, he would have needed a very slippery floor to do that...<br>
'''Police Chief Lundallah''': Therefore the wax.<br>
'''Inspector Clouseau''': The wax? ... AGHH! ''[Clouseau slips on the waxed floor and falls to the ground]''<br>
'''Col. Sharky''': Are you all right, Inspector?<br>
'''Inspector Clouseau''': ''[on his knees]'' Of course I'm alright. I'm... examining the wax. ''[sniffs the wax on the floor]'' Have you taken a sample of this wax?<br>
'''Police Chief Lundallah''': Wax is wax!<br>
'''Inspector Clouseau''': See, this is where you are wrong. Wax is NOT just wax. In this case it is a clue. Domestic wax, Belgian Wax, French Wax, English Wax...<br>
'''Col. Sharky''': Ah, the Inspector is right. Have the wax tested immediately.<br>

== Sandbox ==
A secluded beach on [http://en.wikipedia.org/wiki/Palau#Environment Palau]... or the desert of Black Rock City during [http://www.burningman.com/ Burning Man]... sand is not just sand.<br>

-----------------------------------------------------------------------------

Current events

Perspectoff — Sat, 15 Jun 2013 15:13:58 GMT

Perspectoff:

[[File:Soup_tux.png]]

::::Soup's on!

:Bring your recipe, spices, and a few

:favorite ingredients and there will be

:::enough for everyone!

<br>
-----------------------------------------------------------------------
<br>
::::<nowiki><</nowiki>''April 2013''<nowiki>></nowiki><br>
With the release of Raring Ringtail in April 2013, I am finding changes<br>
to both Ubuntu and Kubuntu too fast and too numerous to catalogue. Many<br>
of the changes I do not use and the "Web 3.0" philosophy of a pop-up for<br>
every screen has brought some of the greatest security risks to Internet<br>
use (due to the excessive scripting), IMO. For this reason I am very slow<br>
to use any (K)Ubuntu version later than Precise Pangolin 12.04 LTS, and the<br>
contents of this guide may fail to reflect the changes (especially in the<br>
Ubuntu sections) of the current versions for that reason. If you are a user<br>
of Quantal, Raring, or later versions, please add your knowledge to the wiki,<br>
as most of the current information has stalled, somewhat, at Precise.<br>
<br>

-----------------------------------------------------------------------

<br>
:::::<nowiki><</nowiki>''May 2012''<nowiki>></nowiki><br>
(K)Ubuntu 12.04 LTS Precise Pangolin is here and will be supported for<br>
5 years! I have now installed Kubuntu on multiple machines and they are<br>
now all are working and very stable. I needed the usual battery of tweaks<br>
and workarounds, with two new obstacles appearing (one in Grub2 and the<br>
other in the Dolphin file manager). See my [[Precise_Review|full review here]].<br>
<br>
I am now starting to evaluate the new Ubuntu Unity. IMO Ubuntu Unity has<br>
always been less powerful than Kubuntu's KDE, and it takes more memory<br>
to run. Still, Canonical owns the Unity interface, so they market it more <br>
aggressively, and [http://www.phoronix.com/scan.php?page=news_item&px=MTA5ODM project] a large installation base on consumer devices<br>
this year.

<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Feb 2012''<nowiki>></nowiki><br>
This month the lead developer of Kubuntu announced that Canonical will<br>
no longer fund Kubuntu as a standalone distribution (and will merely<br>
allow KDE packages to be available in the repositories as add-ons).<br>
This allows Canonical to focus on its own Unity user interface desktop<br>
in its bid to deploy a commercially successful platform on new hardware.<br>
<br>
In the past year the Mint distribution (which customises its own user<br>
interfaces) started the move from Ubuntu to Debian (especially for its<br>
KDE versions). Will other users now switch from Ubuntu to Debian,<br>
merely [http://wiki.debian.org/KDE adding the KDE desktop] to it? Debian has had a reputation for<br>
being rock-solid and stable and Debian-based servers are now (as of<br>
Jan 2012) [http://w3techs.com/technologies/history_details/os-linux the most deployed type of Linux server] worldwide<br>
(and [http://w3techs.com/technologies/overview/operating_system/all Linux/Unix servers account for > 64% of all websites]).<br>
Some Ubuntu advocates claim that Debian does not always<br>
use the most cutting-edge software versions (for better or worse)<br>
but other comparisons suggest a more reliable upgrade mechanism<br>
for Debian (probably due to the very nature of their conservative<br>
package choices). Will some users alternatively perhaps try<br>
OpenSuse (touted by some as the best KDE-oriented distro)? Maybe,<br>
but some OpenSuse packages (KTorrent, for example) have a reputation<br>
for restrictions based on commercial, licensing, and other legal<br>
considerations and have been eschewed by some for this reason.<br>
<br>
I have always maintained a Debian partition and will see how<br>
closely I can replicate Kubuntu using Debian and a KDE desktop.<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Feb 2012''<nowiki>></nowiki><br>
Ok, I've finally joined the tablet craze. Everyone in my family now has<br>
tablets. We have low-end tablets/eBook readers without camera, mic, or<br>
Bluetooth connectivity (and therefore no wireless keyboard) and also<br>
without the ability to add devices like USB CD drives / USB hard drives.<br>
<br>
Having such a tablet creates new challenges and a greater need for<br>
servers, especially file servers (such as [[FTP_tips|FTP]]). Fortunately, this is<br>
where both (K)Ubuntu and Debian excel. Debian-based servers are now<br>
(as of Jan 2012) [http://w3techs.com/technologies/history_details/os-linux the most deployed type of Linux server] worldwide<br>
(and server functionality is built into the desktop versions of<br>
both Debian and (K)Ubuntu).<br>
<br>
To accommodate the displays and functionalities of the tablets, I have<br>
revised the appearance of (K)Ubuntuguide for easier navigation,<br>
faster loading, and flexibility of presentation: in icon-based<br>
tablet/netbook style, in full-page text style (the original format),<br>
and in eBook style (.epub format).<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Jan 2012''<nowiki>></nowiki><br>
This month I merged UbuntuGuide and KubuntuGuide on the<br>
University of Latvia server. I had been maintaining both separately<br>
since 2007, mostly because I did not have access to the Univ. of<br>
Latvia server files until recently (I had had KubuntuGuide hosted<br>
on my own servers for some time). Thanks to Krampo for giving<br>
me access.<br>
<br>
There are some problems with the Univ. of Latvia servers, of course<br>
(which I did not have on my servers). Their caching proxy configuration<br>
is quirky and has caused [[Help:Contents|frustration]] for the contributors to this<br>
wiki for some time. Nevertheless, they have 100% "up-time" and good<br>
bandwidth. Furthermore, they have registered the UbuntuGuide.org domain<br>
name for a decade and seem to be committed to the 'Guide.<br>
<br>
UbuntuGuide and KubuntuGuide share a certain amount of common<br>
content, so the merger also allows less editorial work. Further, there<br>
is cross-visibility between these two varieties of the Ubuntu OS<br>
family this way, which IMO is desirable. At the time of this writing,<br>
Kubuntu is (IMO) the more stable and flexible OS version, while the<br>
Unity version of Ubuntu is the most suitable for (eventual) deployment<br>
on tablets, which seems (to me) to be the goal (as a highly-<br>
developed alternative to Google Android). With this in mind, I will<br>
focus in the upcoming month in making (K)Ubuntuguide more suitable<br>
for viewing on both desktop/laptop and tablet/netbook screens.<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Oct 2011''<nowiki>></nowiki><br>
Spam is rampant on the Internet. Fortunately, this month<br>
Krampo has given me access to the UbuntuGuide.org wiki files,<br>
and I have now installed the anti-spam MediaWiki extensions<br>
in order to combat the endless spam that was plaguing this<br>
site (like many other websites). I have also installed a new<br>
Captcha mechanism, since the (old) Recaptcha was too-easily<br>
defeated by spammers. Please note that it is not the anti-spam<br>
mechanisms that slow/inhibit the ease of contributions; it is the<br>
caching proxy that is used by the University of Latvia servers<br>
that causes all the problems (something that is out of my control).<br>
Krampo assures me that work is underway at the Univ. of Latvia<br>
Linux Center to revise their servers (and efficiency). Please be<br>
patient.<br>
<br>
-----------------------------------------------------------------------
<br>
:::::<nowiki><</nowiki>''Nov 2007''<nowiki>></nowiki><br>
I ([[User:Perspectoff|Perspectoff]]) have taken over the maintenance and editing of<br>
Ubuntuguide due to the unreadabiliy of current content and the amount of<br>
spam that continues to appear on the wiki. As far as I can tell there is no<br>
active administrator or editor for the site, and it has fallen into disarray.<br>
I took over Kubuntuguide a few months ago, and intend in the future to make<br>
Ubuntuguide and Kubuntuguide similar in format, since they share many basic<br>
characteristics (and underlying packages).<br>
<br>

Ubuntu:All Versions

Perspectoff — Mon, 10 Jun 2013 15:29:51 GMT

Perspectoff:

__NOTOC__
[[Image:Ubuntuguide_logo.png|link=Ubuntu:All_Versions]]

* '''[[Ubuntu_Raring | 13.04 (Raring Ringtail)]]''' - '''CURRENT NON-LTS VERSION'''
{{U_RaringRingtailLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_Quantal | 12.10 (Quantal Quetzal)]]''' - '''CURRENT NON-LTS VERSION'''
{{U_QuantalQuetzalLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_Precise | 12.04 LTS (Precise Pangolin)]]''' - '''CURRENT LTS VERSION'''
{{U_PrecisePangolinLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Lucid | 10.04 LTS (Lucid Lynx)]]''' - '''SUPPORT FOR SERVER VERSION ONLY'''
{{U_LucidLynxLanguageBar|languages=Languages:|InProgress=In progress:}}

<br><br>
----
[[File:Kubuntuguidelogo.png|link=K_All_Versions]]
<br>
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #F1F5FC; border: 1px solid #ccc;"
|style="width:100%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: wrap;">
<b padding: 1px;">
Using Kubuntu? See [[K_All_Versions|KubuntuGuide]]. <br />
Using Lubuntu? See the [http://lubuntu.net/ Lubuntu website]. <br />
Using Xubuntu? See the [http://xubuntu.org/ Xubuntu website].
</b>
</div>
|}
<br>

----
'''UNSUPPORTED VERSIONS''' (for reference only. Please upgrade to a current version.)

* '''[[Ubuntu_Oneiric | 11.10 (Oneiric Ocelot)]]''' - '''UNSUPPORTED VERSION'''
{{U_OneiricOcelotLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Natty | 11.04 (Natty Narwhal)]]''' - '''UNSUPPORTED VERSION'''
{{U_NattyNarwhalLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Maverick | 10.10 (Maverick Meerkat)]]''' - '''UNSUPPORTED VERSION'''
{{U_MaverickMeerkatLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Karmic | 9.10 (Karmic Koala)]]''' - '''UNSUPPORTED VERSION'''
{{U_KarmicKoalaLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Jaunty | 9.04 (Jaunty Jackalope)]]''' - '''UNSUPPORTED VERSION'''
{{U_JauntyJackalopeLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Intrepid | 8.10 (Intrepid Ibex)]]''' - '''UNSUPPORTED VERSION'''
{{IntrepidIbexLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Hardy | 8.04 LTS (Hardy Heron)]]''' - '''UNSUPPORTED VERSION'''
{{U_HardyHeronLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Gutsy | 7.10 (Gutsy Gibbon)]]''' - '''UNSUPPORTED VERSION'''
{{GutsyGibbonLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Feisty | 7.04 (Feisty Fawn)]]''' - '''UNSUPPORTED VERSION'''
{{FeistyFawnLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Edgy | 6.10 (Edgy Eft)]]''' - '''UNSUPPORTED VERSION'''
{{EdgyLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_dapper | 6.06 LTS (Dapper Drake)]]''' - '''UNSUPPORTED VERSION'''
{{UbuntuLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu | 5.10 (Breezy Badger)]]''' - '''UNSUPPORTED VERSION'''
{{BreezyLanguageBar|languages=Languages:|InProgress=In progress:}}

==== Alternatives | Open Source software ====
This is a list of some useful programs in GNU/Linux. [[Alternatives | Here]] you can find free alternatives to commercial programs.
<br><br>
{{U_RegisterHeader}}

K All Versions

Perspectoff — Mon, 10 Jun 2013 15:28:52 GMT

Perspectoff: /* Kubuntu */

<div align="right"><small>{{CURRENTDAYNAME}}, {{CURRENTMONTHNAME}} {{CURRENTDAY}}, {{CURRENTYEAR}}, {{CURRENTTIME}} UTC/GMT</small></div>
{||}
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #fafafd; border: 1px solid #ccc;"
|style="width:40%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: nowrap;">
<h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Welcome to Kubuntuguide</h1>
<div>The Free Linux Guide [[kubuntuguide_needs_you|You Can Write]]'''
|style="width:60%; padding-left: 10%;"|
</div>
</div>
|}





<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Raring|Raring]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Quantal|Quantal]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide (Long Term Support version)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Precise|Precise]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide (Server Support only)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Lucid]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Oneiric|Oneiric]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Natty]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Maverick]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Karmic]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Jaunty]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Intrepid</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Hardy]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Gutsy</h1><br>
</div>



<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Feisty</h1><br>
</div>

|}

== Kubuntu ==
Kubuntu is a popular Linux-based operating system using the KDE (K Desktop Environment) and supported by the Ubuntu backbone. Here is what this Linux-based operating system offers:

* Ability to customise the operating system
* A relatively secure system (lowering the threat of being hacked)
* User-friendly
* A self-maintaining file system
* Free and up-to-date

<br><br>
----
[[File:Ubuntuguide_logo.png]]
<br>
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #F1F5FC; border: 1px solid #ccc;"
|style="width:100%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: wrap;">
<b padding: 1px;">
Using Ubuntu? See [[Ubuntu:All_Versions|UbuntuGuide]]. <br />
Using Lubuntu? See the [http://lubuntu.net/ Lubuntu website]. <br />
Using Xubuntu? See the [http://xubuntu.org/ Xubuntu website].
</b>
</div>
|}
<br>

== Kubuntuguide ==
Kubuntuguide provides help, links, and in-depth instructions on many aspects of this user-friendly Linux operating system. Please share your knowledge with the community.

{{K_RegisterHeader}}

K All Versions

Perspectoff — Mon, 10 Jun 2013 15:27:55 GMT

Perspectoff:

<div align="right"><small>{{CURRENTDAYNAME}}, {{CURRENTMONTHNAME}} {{CURRENTDAY}}, {{CURRENTYEAR}}, {{CURRENTTIME}} UTC/GMT</small></div>
{||}
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #fafafd; border: 1px solid #ccc;"
|style="width:40%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: nowrap;">
<h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Welcome to Kubuntuguide</h1>
<div>The Free Linux Guide [[kubuntuguide_needs_you|You Can Write]]'''
|style="width:60%; padding-left: 10%;"|
</div>
</div>
|}





<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Raring|Raring]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Quantal|Quantal]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide (Long Term Support version)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Precise|Precise]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Current Guide (Server Support only)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Lucid]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Kubuntu_Oneiric|Oneiric]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Natty]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Maverick]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Karmic]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Jaunty]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Intrepid</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
[[Hardy]]</h1><br>
</div>


<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Gutsy</h1><br>
</div>



<div style="background:#d0e5f5; border-bottom:1px solid #abd5f5; padding:0.2em 0.5em 0.2em 0.5em; font-size:125%; font-weight:bold;">Previous Guide (No longer supported)</div>
<div align="center" style="border-bottom:1px solid #abd5f5; padding:0.4em 1em 0.3em 1em;">
<br><h1 style="font-size: 175%; border: none; margin: 0; padding: 1px;">
Feisty</h1><br>
</div>

|}

== Kubuntu ==
Kubuntu is a popular Linux-based operating system using the KDE (K Desktop Environment) and supported by the Ubuntu backbone. Here is what this Linux-based operating system offers:

* Ability to customise the operating system
* A relatively secure system (lowering the threat of being hacked)
* User-friendly
* A self-maintaining file system
* Free and up-to-date

<br><br>
----
[[File:Ubuntuguide_logo.png]]
<br>
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #F1F5FC; border: 1px solid #ccc;"
|style="width:100%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: wrap;">
<b padding: 1px;">
Using Ubuntu? See [[Ubuntu:All_Versions|UbuntuGuide]]. <br />
Using Lubuntu? See [http://lubuntu.net/ Lubuntu website]. <br />
Using Xubuntu? See [http://xubuntu.org/ Xubuntu website].
</b>
</div>
|}
<br>

== Kubuntuguide ==
Kubuntuguide provides help, links, and in-depth instructions on many aspects of this user-friendly Linux operating system. Please share your knowledge with the community.

{{K_RegisterHeader}}

Ubuntu:All Versions

Perspectoff — Mon, 10 Jun 2013 15:26:46 GMT

Perspectoff:

__NOTOC__
[[Image:Ubuntuguide_logo.png|link=Ubuntu:All_Versions]]

* '''[[Ubuntu_Raring | 13.04 (Raring Ringtail)]]''' - '''CURRENT NON-LTS VERSION'''
{{U_RaringRingtailLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_Quantal | 12.10 (Quantal Quetzal)]]''' - '''CURRENT NON-LTS VERSION'''
{{U_QuantalQuetzalLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_Precise | 12.04 LTS (Precise Pangolin)]]''' - '''CURRENT LTS VERSION'''
{{U_PrecisePangolinLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Lucid | 10.04 LTS (Lucid Lynx)]]''' - '''SUPPORT FOR SERVER VERSION ONLY'''
{{U_LucidLynxLanguageBar|languages=Languages:|InProgress=In progress:}}

<br><br>
----
[[File:Kubuntuguidelogo.png|link=K_All_Versions]]
<br>
{|style="width:100%; background-repeat: no-repeat; background-position: 0% 20%;background-color: #F1F5FC; border: 1px solid #ccc;"
|style="width:100%;"|
<div style="float: left; text-align:left;padding-left:20px;white-space: wrap;">
<b padding: 1px;">
Using Kubuntu? See [[K_All_Versions|KubuntuGuide]]. <br />
Using Lubuntu? See [http://lubuntu.net/ Lubuntu website]. <br />
Using Xubuntu? See [http://xubuntu.org/ Xubuntu website].
</b>
</div>
|}
<br>

----
'''UNSUPPORTED VERSIONS''' (for reference only. Please upgrade to a current version.)

* '''[[Ubuntu_Oneiric | 11.10 (Oneiric Ocelot)]]''' - '''UNSUPPORTED VERSION'''
{{U_OneiricOcelotLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Natty | 11.04 (Natty Narwhal)]]''' - '''UNSUPPORTED VERSION'''
{{U_NattyNarwhalLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Maverick | 10.10 (Maverick Meerkat)]]''' - '''UNSUPPORTED VERSION'''
{{U_MaverickMeerkatLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Karmic | 9.10 (Karmic Koala)]]''' - '''UNSUPPORTED VERSION'''
{{U_KarmicKoalaLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Jaunty | 9.04 (Jaunty Jackalope)]]''' - '''UNSUPPORTED VERSION'''
{{U_JauntyJackalopeLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Intrepid | 8.10 (Intrepid Ibex)]]''' - '''UNSUPPORTED VERSION'''
{{IntrepidIbexLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Hardy | 8.04 LTS (Hardy Heron)]]''' - '''UNSUPPORTED VERSION'''
{{U_HardyHeronLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Gutsy | 7.10 (Gutsy Gibbon)]]''' - '''UNSUPPORTED VERSION'''
{{GutsyGibbonLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Feisty | 7.04 (Feisty Fawn)]]''' - '''UNSUPPORTED VERSION'''
{{FeistyFawnLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu:Edgy | 6.10 (Edgy Eft)]]''' - '''UNSUPPORTED VERSION'''
{{EdgyLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu_dapper | 6.06 LTS (Dapper Drake)]]''' - '''UNSUPPORTED VERSION'''
{{UbuntuLanguageBar|languages=Languages:|InProgress=In progress:}}

* '''[[Ubuntu | 5.10 (Breezy Badger)]]''' - '''UNSUPPORTED VERSION'''
{{BreezyLanguageBar|languages=Languages:|InProgress=In progress:}}

==== Alternatives | Open Source software ====
This is a list of some useful programs in GNU/Linux. [[Alternatives | Here]] you can find free alternatives to commercial programs.
<br><br>
{{U_RegisterHeader}}

User talk:Rulatir

Perspectoff — Mon, 10 Jun 2013 15:23:15 GMT

Perspectoff: Created page with 'The last step fails (at least in Kubuntu raring): <pre> rulatir@berbelek:~$ LANG=C sudo apt-get install mariadb-server Reading package lists... Done Building dependency tree …'

The last step fails (at least in Kubuntu raring):

<pre>
rulatir@berbelek:~$ LANG=C sudo apt-get install mariadb-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
You might want to run 'apt-get -f install' to correct these:
The following packages have unmet dependencies:
libmariadbclient18 : Depends: libmysqlclient18 (= 5.5.31+maria-1~raring) but 5.5.31-0ubuntu0.13.04.1 is to be installed
mariadb-server : Depends: mariadb-server-5.5 (= 5.5.31+maria-1~raring) but it is not going to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).
</pre>

[[User:Rulatir|Rulatir]] 08:10, 10 June 2013 (UTC)

:I don't know the answer to this one. If you find the answer on [http://ubuntuforums.org Ubuntu Forums], please add it to the wiki. Thanks! [[User:Perspectoff|Perspectoff]] 15:23, 10 June 2013 (UTC)

Talk:Kubuntu Raring Servers

Perspectoff — Mon, 10 Jun 2013 15:21:24 GMT

Perspectoff:

Template:U Raring/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:09:34 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Ubuntu_Raring_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Ubuntu_Raring_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:U Quantal/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:08:59 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
*[http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
*[http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
*[http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
*Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
*[http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Ubuntu:Quantal#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==
=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].
=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
*[http://www.untangle.com/ Untangle]
*[http://m0n0.ch/wall/ m0n0wall]
*[http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu:Quantal#Xen virtual machine host|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:U Precise/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:08:54 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
*[http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
*[http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
*[http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
*Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
*[http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Ubuntu:Precise#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==
=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].
=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
*[http://www.untangle.com/ Untangle]
*[http://m0n0.ch/wall/ m0n0wall]
*[http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu:Precise#Xen virtual machine host|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:K Precise/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:07:37 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Kubuntu_Precise_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu_Precise_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:K Quantal/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:07:05 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Kubuntu_Quantal_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu_Quantal_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:K Raring/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:05:45 GMT

Perspectoff: /* CafePilot */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Kubuntu_Raring_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://sourceforge.net/projects/cafepilot/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. 

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu_Raring_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:U Raring/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:00:55 GMT

Perspectoff: /* OpenStack cloud */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Ubuntu_Raring_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://www.dijitanix.com/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. A complete custom Ubuntu-based LiveCD server/multiple-client solution (including OS and many applications for unlimited workstations) is available for $100 [http://www.dijitanix.com/index.php/cucci here].

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Ubuntu_Raring_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:U Quantal/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 17:00:15 GMT

Perspectoff: /* OpenStack cloud */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
*[http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
*[http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
*[http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
*Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
*[http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Ubuntu:Quantal#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==
=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].
=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://www.dijitanix.com/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. A complete custom Ubuntu-based LiveCD server/multiple-client solution (including OS and many applications for unlimited workstations) is available for $100 [http://www.dijitanix.com/index.php/cucci here].

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
*[http://www.untangle.com/ Untangle]
*[http://m0n0.ch/wall/ m0n0wall]
*[http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu:Quantal#Xen virtual machine host|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:K Quantal/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 16:59:27 GMT

Perspectoff: /* OpenStack cloud */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Kubuntu_Quantal_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://www.dijitanix.com/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. A complete custom Ubuntu-based LiveCD server/multiple-client solution (including OS and many applications for unlimited workstations) is available for $100 [http://www.dijitanix.com/index.php/cucci here].

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu_Quantal_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Template:K Raring/NetworkAdmin

Perspectoff — Sat, 08 Jun 2013 16:58:38 GMT

Perspectoff: /* OpenStack cloud */

= Network Monitors =
There are two types of network monitors: those that monitor your own system's network settings and those that monitor network traffic. The latter includes security tools (that can also be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe! A list of available tools is at [http://www.ubuntu-unleashed.com/2008/06/top-security-tools-in-ubuntu.html Top Ubuntu Security Tools].

=== Netstat ===
[[File:Prefapp1.png|18 px]] [http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html Netstat] is the Linux command-line tool to monitor network status and functions. There are many usage parameters. See the manual for help.
netstat

=== Etherape (Network monitoring) ===
[[File:Prefapp1.png|18 px]] [http://etherape.sourceforge.net/ EtherApe] is a graphical utility that allows you to see (in real-time) where connections are being made on your network, or between your network (or computer) and the Internet. If you are experiencing unexpected network activity on your computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both "local" user and "root user" installations are created; in general you must use the root user installation to see all your network traffic.
sudo apt-get install etherape

=== List open files ===
[[File:Prefapp1.png|18 px]] Sometimes you will see your network slowing and want to know which files are sending data over ports. Use this command:
lsof -i -n -P

=== Nmap ===
[[File:Prefapp1.png|18 px]] [http://nmap.org/ Nmap] is a free open source utility for network exploration (including showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap

Scan your own PC:
nmap localhost

(Once you have found out which ports are open, use a [[#Firewall|firewall]] to close the ones you don't want open.)

==== Nmap GUI ====
Install:
sudo apt-get install nmapfe

:or you can try Zenmap:
sudo apt-get install zenmap

=== Nessus ===
[http://www.nessus.org Nessus] is a proprietary comprehensive vulnerability scanning suite that is free for personal, non-enterprise usage. See the website for details.

=== Snort ===
[http://www.snort.org/ Snort] is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort

It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL database (sudo apt-get install snort-pgsql).

==== AcidBase ====
[http://secureideas.sourceforge.net/ AcidBase] is an intrusion detection / basic analysis and security engine that uses Snort. Install:
sudo apt-get install acidbase

=== AppArmor ===
[http://en.opensuse.org/AppArmor AppArmor] is a set of security enhancements developed by Novell for SUSE Linux. It is installed in (K)ubuntu by default.

==== Disable AppArmor ====
AppArmor can prevent some services from running as expected and cannot be used in conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

=== SELinux ===
[http://en.wikipedia.org/wiki/Security-Enhanced_Linux SE Linux] (Security Enhanced Linux) is an NSA (US National Security Administration) recommended set of tools for enhanced security in Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be removed).
sudo apt-get install selinux

=== Knockd (Port security) ===
[[File:Prefapp1.png|18 px]] [http://www.zeroflux.org/projects/knock Knockd] is a small server that listens for a pre-defined sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port for communications. Install:
sudo apt-get install knockd

= Network Management =
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli (which can cost thousands of dollars), these solutions are generally available as either community or enterprise editions.
* [http://www.hyperic.com/products/open-source-systems-monitoring.html Hyperic] is an open-source network monitoring framework that can be used in either a datacenter or a cloud environment (it is used for Amazon Cloud). Both a free community version and a subscription enterprise version are available.
* [http://www.groundworkopensource.com/community/community-edition.html Groundwork OpenSource] offers a community edition that integrates other packages such as Nagios, Nmap, and others. There is a subscription enterprise version as well. It has its roots in a university setting.
* [http://www.openqrm.com/ OpenQRM] is the GPL-licensed, free open-source community successor to the very popular network monitoring solution Qlusters. It is [http://sourceforge.net/project/showfiles.php?group_id=153504 available] as a Debian/Ubuntu package. See the website for details.
* Canonical offers the [http://www.canonical.com/projects/landscape Landscape] network management service for $150 per node, with a free trial available.
* [http://www.zenoss.com/ Zenoss] is a commercial network monitoring subscription package (about $150/node) with a limited free "core" edition also available.

=== Nagios ===
[http://www.nagios.org/ Nagios] is a free open source network monitoring solution. It is administered from a web interface (<nowiki>http://localhost/nagios</nowiki>) and is expandable using a large number of available plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/nagios.html official Ubuntu documentation]. Install:
sudo apt-get install nagios3

=== Munin ===
[http://munin-monitoring.org/ Munin] is a free GPL-licensed open source networking monitoring tool based on [http://en.wikipedia.org/wiki/RRDtool RRDTool], in which a master network node queries other network resources, cataloging and graphically displaying changes. It has a web interface and multiple plugins. For additional configuration information, see the [https://help.ubuntu.com/10.04/serverguide/C/munin.html official Ubuntu documentation]. [http://munin-monitoring.org/wiki/LinuxInstallation Install]:
sudo apt-get install munin

=== Cacti Monitoring Server ===
[http://www.cacti.net/ Cacti] is a complete, free open source network graphing solution designed to harness the power of [http://oss.oetiker.ch/rrdtool/ RRDTool]’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. It uses MySQL and PHP (part of the [[Kubuntu_Raring_Servers#LAMP_server_installation|LAMP]] server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. For more info see [http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-810-intrepid-ibex-server.html Cacti Server Setup]. Install:
sudo apt-get install cacti

=== Cluster SSH ===
[http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page ClusterSSH] allows replication of a command on an administration console to be replicated via SSH to multiple computers in a cluster. Install:
sudo apt-get install clusterssh

== Enterprise Network Firewall ==

=== IPCop ===
[http://www.ipcop.org IPCop] is a free open source (GPL-licensed) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. It allows remote management and can protect multiple servers, including web and email servers. IPSec-based OpenVPN is supported. The CD image .iso and other files can be downloaded [http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093 here]. Installation instructions are on the website.

=== SmoothWall ===
[http://www.smoothwall.org/ SmoothWall Express] is an award-winning, free, open source (with a GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an enterprise network. Download the installation CD .iso image [http://www.smoothwall.org/get/ here] (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features, however, such as VPN server, database access authentications, and content filtering are only implemented in a commercial version, however, and are not available in the community version.

=== Endian ===
[http://www.endian.com/en/community/about/ Endian] is a very robust, free, open source universal threat management appliance similar to IPCop and Smoothwall. It also incorporates OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the community edition). Commercial and hardware versions with some additional features, automatic updates, and professional support are available. See the website for details.

= LTSP (Thin client support) =
[http://www.ltsp.org/ LTSP] (the Linux Terminal Server Project) adds [http://en.wikipedia.org/wiki/Thin_client thin-client] support to Linux servers. The package is free, GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP servers. There is a module for classroom management (ltsp-controlaula) as well. Installation instructions are [https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall here]. The alternate LiveCD can also be used to install a terminal server, as indicated in [http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp these instructions].

=== LTSP Server ===
Install:
sudo apt-get install ltsp-server ltsp-manager

=== LTSP Client ===
Install:
sudo apt-get ltsp-client

=== iTALC (Thin client for Education) ===
[http://italc.sourceforge.net/ iTALC] is a free, open source (GPL-licensed) thin client solution that supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings to monitor, share, and control multiple workstations. See the website for download and installation instructions.

== Internet Cafe software ==
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes time usage monitoring, billing, and administration. It can also be used in schools, libraries, and organizations with multiple monitored workstations requiring usage limits.

=== OutKafe ===
[http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe OutKafe] is a free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).

=== OpenKiosk ===
[http://openkiosk.sourceforge.net/ OpenKiosk] is a free open source multi-platform server/client solution for administering and monitoring groups of workstations, such as in libraries, school labs, and internet cafes. Installation is from source files. See the website for details.

=== CafePilot ===
[http://www.dijitanix.com/ CafePilot] is a free multi-platform Java-based server/client solution for real-time monitoring and billing of Cybercafe workstations. A complete custom Ubuntu-based LiveCD server/multiple-client solution (including OS and many applications for unlimited workstations) is available for $100 [http://www.dijitanix.com/index.php/cucci here].

=== Miscellaneous solutions ===
[http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-Parent-As-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29 This thread] discusses several other solutions, including:
* [http://www.untangle.com/ Untangle]
* [http://m0n0.ch/wall/ m0n0wall]
* [http://clearfoundation.com ClearOS]

=== Pessulus (Lockdown Editor) ===
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict acccess to several administrative functions, including the command-line Terminal and many other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus

= Cluster (cloud) computing =
[http://en.wikipedia.org/wiki/Cloud_computing Cloud computing] is the co-ordination of many servers to maximise computing resources and efficiency. The use of [http://en.wikipedia.org/wiki/Virtual_machine virtual machines], [http://en.wikipedia.org/wiki/Load_balancing_%28computing%29 load balancing], and [http://en.wikipedia.org/wiki/Virtual_LAN VLAN] technology are combined into an integrated system. Distributed computing and parallel processing underlies the networks of computers that are now used in a number of supercomputing applications.

== OpenStack cloud ==
[http://www.openstack.org/ OpenStack] is the technology currently used by Ubuntu for cloud computing as part of the [https://help.ubuntu.com/community/UbuntuCloudInfrastructure Ubuntu Cloud Infrastructure]. (Also see the [https://help.ubuntu.com/community/OpenStack Ubuntu community help].) It is now included as part of Ubuntu server versions (starting with 12.04 LTS Precise).
* See the [http://www.ubuntu.com/cloud/private-cloud Ubuntu private cloud] information to set up an OpenStack cluster.

== Eucalyptus cloud ==
[http://eucalyptus.cs.ucsb.edu/ Eucalyptus] is a project from University of California Santa Barbara to facilitate cluster computing on servers that have the [[Kubuntu_Raring_Virtual_Machines#Xen|Xen]] virtual machine implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition as the [https://help.ubuntu.com/community/UEC Ubuntu Enterprise Cloud].
* See the instructions for installing [http://www.eucalyptus.com/download/eucalyptus/debian Eucalyptus on Debian systems].

== Beowulf ==
The [http://en.wikipedia.org/wiki/Beowulf_cluster Beowulf] cluster computing project is one of the earliest cluster computing examples and provides the underpinning for a number of Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single supercomputer, and can be scaled to any number of nodes. It uses open source components. See this [http://byobu.info/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu introductory article] on creating a Beowulf cluster with Ubuntu.
* [http://svn.oscar.openclustergroup.org/trac/oscar OSCAR] is a software platform that allows the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See [http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting here] for instructions on installing the .deb packages from repositories.

== BOINC (Berkeley Open Infrastructure for Network Computing) ==
[http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing BOINC] is middleware software developed at [http://en.wikipedia.org/wiki/Space_Sciences_Laboratory UC Berkeley] to allow multiple computers to operate as a grid-based (cloud based) supercomputer. There are over half a million computers participating in BOINC projects. To [http://wiki.debian.org/BOINC install BOINC] and participate in one or more of these projects:
sudo apt-get install boinc

== A warning about distributed computing ==
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive data at risk when databases and critical server functions themselves are remotely hosted at a site not under your complete control. Even "trusted" banks and other large businesses routinely trade and sell our sensitive "private" data to multiple partners (sometimes for profit and sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy for an end customer to know how effective are the security practices of a remote hosting service. Further, any data left on public storage devices (cloud servers) in the US for more than 180 days are subject to search and seizure by government agencies there. Therefore, it is almost always more secure to host your own server(s) in house and to limit the traffic and access to your databases and servers to members of your own organization. Learning how to run your own servers is worth the effort, and powerful hardware on which to run them is inexpensive these days.

The Ubuntu cloud computing environment allows you to recruit the multiple computers within your own organization for distributed ("cloud") computing and thereby keep it all "in house" (behind secure firewalls). You do not need to expose your organization to insecure remote public hosts in order to use cloud computing.

Alternatives

Perspectoff — Sat, 08 Jun 2013 16:32:21 GMT

Perspectoff:

== Audio ==

==== Audio Player ====
: ''Winamp; Windows Media Player''
* [http://audacious-media-player.org/ Audacious]
* [http://amarok.kde.org/ amaroK]
* [http://bmpx.beep-media-player.org/site/BMPx_Homepage BMPx]
* [http://www.banshee-project.org/Main_Page Banshee]
* [http://www.jinzora.org/ Jinzora]
* [http://www.gnome.org/projects/rhythmbox/ Rhythmbox]
* [http://mesk.nicfit.net/ Mesk]
* [http://www.xmms.org/ XMMS]
* [http://zinf.org/about.php Zinf]
* [http://exaile.org/ Exaile!]
* [http://www.videolan.org/vlc/ VLC]
* [http://getsongbird.com/ Songbird]

==== Audio Editor ====
: ''SoundForge; Adobe Audition''
* [http://audacity.sourceforge.net/ Audacity]
* [http://lmms.sourceforge.net/ LMMS]
* [http://www.rosegardenmusic.com/ Rosegarden]
* [http://www.metadecks.org/software/sweep/ Sweep]
* [http://glame.sourceforge.net Glume]
* [http://rezound.sourceforge.net/ ReZound]
* [http://wired.epitech.net/ Wired]
* [http://ardour.org/ Ardour]

==== Stream Browser ====
* [http://www.nongnu.org/streamtuner/ Streamtuner]
* [http://www.last.fm/ last.fm]

==== CD Ripper ====
* [http://www.gnomefiles.org/app.php?soft_id=531 Goobox]
* [http://wiki.hydrogenaudio.org/index.php?title=Rubyripper Rubyripper]
* [http://arson.sourceforge.net/ Arson]
* [http://nostatic.org/grip/ GRip]
* [http://burtonini.com/blog/computers/sound-juicer Sound Juicer]

== Video ==

==== Video Player ====
: ''BSplayer; Windows Media Player; VLC''
* [http://xinehq.de/ Xine]
* [http://xt7-player.sourceforge.net/xt7forum/viewtopic.php?f=4&t=2 Xt7-Player]
* [http://www.mplayerhq.hu/homepage/design7/news.html MPlayer]
* [http://kaffeine.sourceforge.net/ Kaffeine]
* [http://www.videolan.org/vlc/ VLC]
* [http://www.gnome.org/projects/totem/ Totem]
* [[Netflix|Netflix]]

==== Video Editor ====
: ''Adobe Premiere''
* [http://www.kinodv.org/ Kino]
* [http://heroinewarrior.com/cinelerra.php3 Cinelerra]
* [http://www.jahshaka.org/ Jahshaka]
* [http://lives.sourceforge.net/ LiVES]
* [http://www.diva-project.org/ Diva]
* [http://fixounet.free.fr/avidemux/ Avidemux]
* [http://iriverter.thestaticvoid.org/ Iriverter]

==== DVD Authoring Software ====
: ''Adobe Encore, TMPGEnc DVD Author, Roxio DVDit''
* [http://www.bombono.org/ Bombono DVD]
* [http://qdvdauthor.sourceforge.net/ QDVDAuthor]
* [http://tovid.wikia.com/wiki/Tovid_Wiki tovid]

==== DVD Ripper ====
* [http://untrepid.com/acidrip/ AcidRip]
* [http://www.exit1.org/dvdrip/ dvd::rip]
* [http://handbrake.m0k.org/ Handbrake]
* [http://k9copy.sourceforge.net/ k9copy]
* [http://www.gnome.org/projects/brasero/ Brasero]
* [http://dvdrippingsoftwares.com/convertdvd/dvd-to-ipad-freeware.html/ dvd to ipad 2]
==== Screen Capture ====
* [http://live.gnome.org/ Istanbul Istanbul]
* [http://xvidcap.sourceforge.net/ Xvidcap]
* [http://recordmydesktop.sourceforge.net/ recordMyDesktop]

== Graphics & Design ==

==== Image viewer ====
* [http://www.digikam.org/ digiKam]
* [http://gthumb.sourceforge.net/ gThumb]
* [http://gwenview.sourceforge.net/ Gwenview]
* [http://www.xnview.com/ XnView]
* [http://gqview.sourceforge.net/ GQview]
* [http://goby.sourceforge.net Goby]
* [http://www.klografx.net/qiv/index2.html Quick Image Viewer]

==== Image organizer ====
: ''Picasa''
* [http://www.gnome.org/projects/f-spot/ F-Spot]
* [http://picasa.google.com/ Picasa]

==== Image editor ====
: ''Adobe Photoshop''
* [http://gimp.org/ GIMP]
* [http://krita.org/ Krita]
* [http://www.tuxpaint.org/ Tux Paint]
* [http://mtpaint.sourceforge.net/ mtPaint]
* [http://sf-xpaint.sourceforge.net/ XPaint]

==== Vectorgraphics editor ====
: ''CorelDraw''
* [http://inkscape.org/ Inkscape]
* [http://www.synfig.com/ Synfig]

==== 3D Modeler ====
: ''3D Max; Maya''
* [http://www.blender3d.com/cms/Home.2.0.html Blender3D]
* [http://www.wings3d.com/ Wings 3D]
* [http://www.equinox3d.com/ Equinox-3D]
* [http://www.misfitcode.com/misfitmodel3d/ Misfit Model 3D]
* [http://sharp3d.sourceforge.net/mediawiki/ Sharp 3D]

==== Computer Aided Design ====
: ''AutoCAD; MathCAD''
* [http://www.ribbonsoft.com/qcad.html qCAD]
* [http://brlcad.org/ BRL-CAD]
* [http://www.cadcam.co.at/freiter/gCAD3D.htm gCAD3D]
* [http://www.askoh.com/freecad/index.html FreeCAD]

== Internet & Network ==
====Internet Broadband Connection====
* [http://huaweie220.blogspot.com support most of 3G devices]
==== Internet Browser ====
: ''Internet Explorer''
* [http://www.mozilla.com/firefox/ Firefox] aka Iceweasel
* [http://www.opera.com/ Opera]
* [http://www.mozilla.org/projects/seamonkey/ SeaMonkey]
* [http://www.konqueror.org/ Konqueror]
* [http://galeon.sourceforge.net/ Galeon]
* [http://dillo.org/ Dillo]
* [http://lynx.browser.org/ Lynx] - Text browser for the World Wide Web

==== E-mail ====
: ''Outlook Express, Outlook''
* [http://www.gnome.org/projects/evolution/ Evolution]
* [http://www.mozilla.com/thunderbird/ Thunderbird]
* [http://kmail.kde.org/ KMail]

==== Usenet/Newsreader ====
: ''Outlook Express, Forte Agent''
* [http://pan.rebelbase.com/ Pan]

==== RSS Feed Reader ====
* [http://liferea.sourceforge.net/ Liferea]
* [http://akregator.sourceforge.net/ aKregator]
* [http://www.gnome.org/projects/straw/ Straw]
* [http://www.cincomsmalltalk.com/BottomFeeder/ BottomFeeder]
* [http://www.rssowl.org/ RSSOwl]

==== FTP Client ====
: ''FileZilla; WS_FTP''
* [http://gftp.seul.org/ gFTP]
* [http://filezilla-project.org/ FileZilla]

==== Instant messenger ====
: ''AIM; ICQ; MSN; Yahoo!; Jabber; Gadu-gadu''
* [http://pidgin.im/ Pidgin] (Formerly GAIM)
* [http://kopete.kde.org/ Kopete]
* [http://www.bitlbee.org/ BitlBee]
* [http://www.amsn-project.net/ aMSN]
* [http://gyachi.sourceforge.net/ GYachI] - enables Yahoo! webcam
* [http://www.kadu.net/ Kadu]

==== Internet Relay Chat ====
: ''mIRC''
* [http://xchat.org XChat]
* [http://irssi.org Irssi]
* [http://www.bitchx.org/ BitchX]
* [http://konversation.kde.org/ Konversation]
* [http://www.kvirc.net/ KVirc]

==== Direct Connect ====
: ''DC++''
* [http://dcgui.berlios.de/ Valknut]
* [http://linuxdcpp.berlios.de/articles.php?um=index Linux DC++]

==== Torrents ====
: ''Torrent clients''
* Also see the Torrent client articles for the current LTS version of [[Ubuntu_Precise_Internet#Filesharing_.2F_P2P|Ubuntu]] or [[Kubuntu_Precise_Internet#Filesharing_.2F_P2P|Kubuntu]].
* [http://deluge-torrent.org/ Deluge]
* [http://www.bittornado.com/ BitTornado]
* [http://aria2.sourceforge.net/ aria2]
* [http://azureus.sourceforge.net/ Azureus]
* [http://transmission.m0k.org/ Transmission]
* [http://ktorrent.org/ KTorrent]
* [http://amedias.org/~koke/gnome-torrent/ Gnome Torrent]
* [http://gnome-bt.sourceforge.net/ GnomeBT]
* [http://qbittorrent.sourceforge.net/ qBittorrent]

==== P2P ====
: ''eMule, LimeWire''
* [http://www.amule.org/ aMule]
* [http://www.limewire.com LimeWire]
* [http://gtk-gnutella.sourceforge.net/ GTK-Gnutella]

==== VoIP ====
: ''Skype''
* [http://www.skype.com Skype]
* [http://www.gizmoproject.com/ Gizmo]
* [http://www.gnomemeeting.org/ Ekiga]
* [http://www.openwengo.org/ Wengo]

== Graphical User Interface ==

==== Desktop Environment ====
: ''Explorer, Aston, GeoShell''
* [http://www.kde.org/ KDE]
* [http://www.gnome.org/ Gnome]
* [http://www.xfce.org/ Xfce]
* [http://www.enlightenment.org/ Enlightenment]
* [http://rox.sourceforge.net/desktop/ ROX]
* [http://www.xpde.com/ XPde]

==== Window Manager ====
: ''Explorer, WindowsBlind, bb4win''
* [http://www.fluxbox.org/ FluxBox]
* [http://www.freedesktop.org/wiki/Software/waimea Waimea]
* [http://icculus.org/openbox/ OpenBox]
* [http://www.icewm.org/ IceWM]
* [http://integrity.sourceforge.net/ Integrity]
* [http://www.fvwm.org/ FVWM]
* [http://www.afterstep.org/ AfterStep]
* [http://projects.o-hand.com/matchbox/ Matchbox] - for PDA's

== Development ==

==== Web ====
: ''Dreamweaver''
* [http://www.aptana.com/ Aptana]
* [http://www.nvu.com/ Nvu]
* [http://bluefish.openoffice.nl/ Bluefish]
* [http://cssed.sourceforge.net/ cssed] - CSS Editor
* [http://quanta.kdewebdev.org/ Quanta Plus]
* [http://www.screem.org/ Screem]
* [http://www.kompozer.net/ KompoZer]

==== IDE ====
: ''MS Visual studio''
* [http://www.kdevelop.org/ KDevelop]
* [http://www.netbeans.org/ NetBeans]
* [http://anjuta.sourceforge.net/ Anjuta] - Anjuta is a versatile IDE for C and C++, written for GTK/GNOME
* [http://www.eclipse.org/ Eclipse] - An extensible frameworks, tools and runtimes for building, deploying and managing software across the lifecycle
* [http://www.die-offenbachs.de/detlev/eric.html Eric] - Python IDE
* [http://stani.be/python/spe/blog/ SPE] - Stani's Python Editor
* [http://trolltech.com/downloads/opensource Qt]

== Education ==
* [http://www.stellarium.org/ Stellarium] - Virtual Palanetarium
* [http://edu.kde.org/ The KDE Edutainment Project]
* [http://freemind.sourceforge.net/wiki/index.php/Main_Page FreeMind] - Mind Mapping
* [http://maxima.sourceforge.net/ Maxima] with the [http://wxmaxima.sourceforge.net/ wxMaxima GUI] - Mathematica and Maple equivalent CAS

== Games ==
: ''only free or opensource games listed''

==== Action ====
* [http://red.planetarena.org/ Alien Arena 2007]
* [http://crystalcore.svanfeldt.com/ Crystal Core]
* [http://www.cubeengine.com/ Cube]
* [http://www.enemyterritory.com/ Enemy Territory: Quake Wars]
* [http://ioquake3.org/ ioQuake3]
* [http://legendsthegame.net/ Legends]
* [http://www.alientrap.org/nexuiz/ Nexuiz]
* [http://www.openarena.ws/ OpenArena]
* [http://www.s2games.com/savage/ Savage: Battle for Newerth]
* [http://www.transfusion-game.com/ Transfusion]
* [http://www.tremulous.net/ Tremulous]
* [http://www.warsow.net/ Warsow]

==== RPG ====
* [http://home.gna.org/oomadness/en/balazar/ Balazar]
* [http://www.eternal-lands.com/index.php Eternal Lands]
* [http://www.graalonline.com/ GraalOnline]
* [http://www.zeropointgameplay.com/ Mistlands]
* [http://www.planeshift.it/main_01.html PlaneShift]
* [http://secondlife.com/ Second Life]
* [http://www.wesnoth.org/ The Battle for Wesnoth]

==== Racing ====
* [http://ecksdee.sourceforge.net/ Ecksdee]
* [http://maniadrive.raydium.org/ Maniadrive]
* [http://www.motorsport-sim.org/ Motorsport]
* [http://projects.planetpenguin.de/racer/ PlanetPenguin Racer]
* [http://www.racer.nl/ Racer]
* [http://torcs.sourceforge.net/ Torcs]
* [http://sourceforge.net/projects/trigger-rally/ Trigger]
* [http://tuxracer.sourceforge.net/ Tux Racer]
* [http://vdrift.net/ VDrift]
* [http://xmoto.tuxfamily.org/ Xmoto]

==== Others ====
* [http://armagetron.sourceforge.net/ Armagetron]
* [http://boson.eu.org/ Boson]
* [http://www.bzflag.org/ BZFlag]
* [http://fightwinprevail.sourceforge.net/ fight win prevail]
* [http://www.frozen-bubble.org/ Frozen Bubble]
* [http://www.glest.org/en/ Glest]
* [http://www.banghowdy.com/ Bang! Howdy]
* [http://www.nerogame.org/ Nero]
* [http://netpanzer.berlios.de/index.html netPanzer]
* [http://icculus.org/neverball/ Neverball]
* [http://www.scorched3d.co.uk/ Scorched 3D]
* [http://www.x-plane.com/SpaceCombat.html Space Combat]
* [http://spring.clan-sy.com/ Spring]
* [http://themanaworld.org/ The Mana World]

== Office ==

==== Office Suite ====
: ''MS Office''
* [http://www.openoffice.org/ OpenOffice.org]
* [http://www.koffice.org/ KOffice]
* [http://www.gnome.org/gnome-office/ GNOME Office]
* [http://siag.nu/ Siag Office]

==== CAT (Computer Aided Translation) ====
: ''Wordfast, Trados, Déjà Vu, Across, MetaTexis, STAR Transit, etc.''

* [http://www.omegat.org/en/omegat.html OmegaT]
* [http://omegatplus.sourceforge.net/ OmegaT+] (note: these two are different projects with different maintainers)
* [http://anaphraseus.sourceforge.net/ Anaphraseus] "Wordfast" for OpenOffice.org
* [http://translate.sourceforge.net/wiki/virtaal/index Virtaal] (Primary focus: software translation)
* [http://transolution.python-hosting.com/ Transolution] (Primary focus: software translation)

==== Calendar ====
: ''Ms Outlook''
* [http://www.gnome.org/projects/evolution/ Evolution]
* [http://www.mozilla.org/projects/calendar/sunbird/ Mozilla Sunbird]
* [http://www.mozilla.org/projects/calendar/calext/download.html Mozilla Calendar Extension] for Thunderbird and Firefox

==== Desktop Publishing ====
: ''Microsoft Publisher''
* [http://www.scribus.net/ Scribus]

==== Diagram Creation ====
: ''Microsoft Visio''
* [http://www.gnome.org/projects/dia/ Dia]
* [http://www.koffice.org/kivio/ Kivio] (part of [http://www.koffice.org/ KOffice])
* [http://uml.sourceforge.net/index.php Umbrello UML]
* [http://www.visual-paradigm.com/product/vpuml/productinfovpumlce.jsp Visual Paradigm for UML] (Community edition)
* [http://argouml.tigris.org/ ArgoUML]
* [http://graphviz.org/ Graphviz]

== System tools ==

==== File managers ====
: ''Total Commander; FAR''
* [http://krusader.sourceforge.net/ Krusader]
* [http://www.ibiblio.org/mc/ GNU Midnight Commander]
* [http://www.nongnu.org/gcmd/shots.html GNOME Commander]
* [http://vifm.sourceforge.net/ vifm]

: ''Windows Explorer''
* [http://www.konqueror.org/ Konqueror]
* [http://www.gnome.org/projects/nautilus/ Nautilus]
* [http://evidence.sourceforge.net/ Evidence]
* [http://rox.sourceforge.net/desktop/ROX-Filer ROX-Filer]
* [http://thunar.xfce.org/ Thunar]
* [http://enzosworld.gmxhome.de/ Dolphin]

==== CD Burners ====
: ''Nero''
* [http://www.k3b.org/ K3B]
* [http://www.rocketdivision.com/grab_burn.html Grab&Burn]
* [http://www.acetoneteam.org/ AcetoneISO]
* [http://gnomebaker.sourceforge.net/v2/ GnomeBaker]
* [http://www.nero.com/eng/NeroLINUX.html NeroLINUX]
* [http://perso.orange.fr/bonfire/index.htm Brasero]

==== Partition Managers ====
: ''Partition Magic''
* [http://gparted.sourceforge.net/ Gparted]
* [http://qtparted.sourceforge.net/ QtParted]

==== GUI Program installers ====
: ''none''
* [http://www.nongnu.org/synaptic/ Synaptic]
* [http://yumex.python-hosting.com/ Yumex]
* [http://sourceforge.net/projects/kyum Kyum]

== Commercial Applications ==
* [http://www.transgaming.com/ Cedega] - Can help play Windows games on Linux
* [http://www.codeweavers.com/ CrossOver Office] - Run Windows software on Linux
* [http://www.ac3d.org/ AC3D] - 3D modeling software

== Commercial Games ==
* [http://www.tuxgames.com/ Tux Games] - The online store for Linux Games

== Other ==

*[http://kbpublisher.sourceforge.net/ KBPublisher] - knowledge base software
*[http://gramps-project.org/ GRAMPS] - Genealogy database recording software
*[http://sourceforge.net/project/showfiles.php?group_id=219465/ Millennium BSA] - Millennium Business Suite Anywhere (BSA) is web based ERP/CRM solution with integrated BPM. Millennium BSA automates resources' planning (MRPII), distribution, inventory, payroll, HR, purchase, sales. Millennium BSA is distributed under GPL V2. Project web site [http://www.m-g.ru/ www.m-g.ru]

== Useful Links to Linux program lists ==

* http://gnomefiles.org/
* http://www.gfiles.org/
* http://www.linuxsoft.cz/en/
* https://wiki.ubuntu.com/LoopList
* http://freshmeat.net/
* http://kde-files.org/
* http://www.linuxrsp.ru/win-lin-soft/table-eng.html
* http://alts.homelinux.net/
* [http://www.debianhelp.co.uk/tools.htm List of open-source tools and software]
* [http://en.wikipedia.org/wiki/List_of_Unix_programs List Of Unix Programs (Wikipedia)]
* [http://www.argentilinux.com.ar/ List of Linux Applications] (Spanish)
* [http://www.osalt.com Open-source alternative]
* [http://f-droid.org F-Droid] is the repository for free and open source software (almost all of it ad-free) for the Google Android platform.

Alternatives

Perspectoff — Sat, 08 Jun 2013 16:31:11 GMT

Perspectoff: /* Torrents */

== Audio ==

==== Audio Player ====
: ''Winamp; Windows Media Player''
* [http://audacious-media-player.org/ Audacious]
* [http://amarok.kde.org/ amaroK]
* [http://bmpx.beep-media-player.org/site/BMPx_Homepage BMPx]
* [http://www.banshee-project.org/Main_Page Banshee]
* [http://www.jinzora.org/ Jinzora]
* [http://www.gnome.org/projects/rhythmbox/ Rhythmbox]
* [http://mesk.nicfit.net/ Mesk]
* [http://www.xmms.org/ XMMS]
* [http://zinf.org/about.php Zinf]
* [http://exaile.org/ Exaile!]
* [http://www.videolan.org/vlc/ VLC]
* [http://getsongbird.com/ Songbird]

==== Audio Editor ====
: ''SoundForge; Adobe Audition''
* [http://audacity.sourceforge.net/ Audacity]
* [http://lmms.sourceforge.net/ LMMS]
* [http://www.rosegardenmusic.com/ Rosegarden]
* [http://www.metadecks.org/software/sweep/ Sweep]
* [http://glame.sourceforge.net Glume]
* [http://rezound.sourceforge.net/ ReZound]
* [http://wired.epitech.net/ Wired]
* [http://ardour.org/ Ardour]

==== Stream Browser ====
* [http://www.nongnu.org/streamtuner/ Streamtuner]
* [http://www.last.fm/ last.fm]

==== CD Ripper ====
* [http://www.gnomefiles.org/app.php?soft_id=531 Goobox]
* [http://wiki.hydrogenaudio.org/index.php?title=Rubyripper Rubyripper]
* [http://arson.sourceforge.net/ Arson]
* [http://nostatic.org/grip/ GRip]
* [http://burtonini.com/blog/computers/sound-juicer Sound Juicer]

== Video ==

==== Video Player ====
: ''BSplayer; Windows Media Player; VLC''
* [http://xinehq.de/ Xine]
* [http://xt7-player.sourceforge.net/xt7forum/viewtopic.php?f=4&t=2 Xt7-Player]
* [http://www.mplayerhq.hu/homepage/design7/news.html MPlayer]
* [http://kaffeine.sourceforge.net/ Kaffeine]
* [http://www.videolan.org/vlc/ VLC]
* [http://www.gnome.org/projects/totem/ Totem]
* [[Netflix|Netflix]]

==== Video Editor ====
: ''Adobe Premiere''
* [http://www.kinodv.org/ Kino]
* [http://heroinewarrior.com/cinelerra.php3 Cinelerra]
* [http://www.jahshaka.org/ Jahshaka]
* [http://lives.sourceforge.net/ LiVES]
* [http://www.diva-project.org/ Diva]
* [http://fixounet.free.fr/avidemux/ Avidemux]
* [http://iriverter.thestaticvoid.org/ Iriverter]

==== DVD Authoring Software ====
: ''Adobe Encore, TMPGEnc DVD Author, Roxio DVDit''
* [http://www.bombono.org/ Bombono DVD]
* [http://qdvdauthor.sourceforge.net/ QDVDAuthor]
* [http://tovid.wikia.com/wiki/Tovid_Wiki tovid]

==== DVD Ripper ====
* [http://untrepid.com/acidrip/ AcidRip]
* [http://www.exit1.org/dvdrip/ dvd::rip]
* [http://handbrake.m0k.org/ Handbrake]
* [http://k9copy.sourceforge.net/ k9copy]
* [http://www.gnome.org/projects/brasero/ Brasero]
* [http://dvdrippingsoftwares.com/convertdvd/dvd-to-ipad-freeware.html/ dvd to ipad 2]
==== Screen Capture ====
* [http://live.gnome.org/ Istanbul Istanbul]
* [http://xvidcap.sourceforge.net/ Xvidcap]
* [http://recordmydesktop.sourceforge.net/ recordMyDesktop]

== Graphics & Design ==

==== Image viewer ====
* [http://www.digikam.org/ digiKam]
* [http://gthumb.sourceforge.net/ gThumb]
* [http://gwenview.sourceforge.net/ Gwenview]
* [http://www.xnview.com/ XnView]
* [http://gqview.sourceforge.net/ GQview]
* [http://goby.sourceforge.net Goby]
* [http://www.klografx.net/qiv/index2.html Quick Image Viewer]

==== Image organizer ====
: ''Picasa''
* [http://www.gnome.org/projects/f-spot/ F-Spot]
* [http://picasa.google.com/ Picasa]

==== Image editor ====
: ''Adobe Photoshop''
* [http://gimp.org/ GIMP]
* [http://krita.org/ Krita]
* [http://www.tuxpaint.org/ Tux Paint]
* [http://mtpaint.sourceforge.net/ mtPaint]
* [http://sf-xpaint.sourceforge.net/ XPaint]

==== Vectorgraphics editor ====
: ''CorelDraw''
* [http://inkscape.org/ Inkscape]
* [http://www.synfig.com/ Synfig]

==== 3D Modeler ====
: ''3D Max; Maya''
* [http://www.blender3d.com/cms/Home.2.0.html Blender3D]
* [http://www.wings3d.com/ Wings 3D]
* [http://www.equinox3d.com/ Equinox-3D]
* [http://www.misfitcode.com/misfitmodel3d/ Misfit Model 3D]
* [http://sharp3d.sourceforge.net/mediawiki/ Sharp 3D]

==== Computer Aided Design ====
: ''AutoCAD; MathCAD''
* [http://www.ribbonsoft.com/qcad.html qCAD]
* [http://brlcad.org/ BRL-CAD]
* [http://www.cadcam.co.at/freiter/gCAD3D.htm gCAD3D]
* [http://www.askoh.com/freecad/index.html FreeCAD]

== Internet & Network ==
====Internet Broadband Connection====
* [http://huaweie220.blogspot.com support most of 3G devices]
==== Internet Browser ====
: ''Internet Explorer''
* [http://www.mozilla.com/firefox/ Firefox] aka Iceweasel
* [http://www.opera.com/ Opera]
* [http://www.mozilla.org/projects/seamonkey/ SeaMonkey]
* [http://www.konqueror.org/ Konqueror]
* [http://galeon.sourceforge.net/ Galeon]
* [http://dillo.org/ Dillo]
* [http://lynx.browser.org/ Lynx] - Text browser for the World Wide Web

==== E-mail ====
: ''Outlook Express, Outlook''
* [http://www.gnome.org/projects/evolution/ Evolution]
* [http://www.mozilla.com/thunderbird/ Thunderbird]
* [http://kmail.kde.org/ KMail]

==== Usenet/Newsreader ====
: ''Outlook Express, Forte Agent''
* [http://pan.rebelbase.com/ Pan]

==== RSS Feed Reader ====
* [http://liferea.sourceforge.net/ Liferea]
* [http://akregator.sourceforge.net/ aKregator]
* [http://www.gnome.org/projects/straw/ Straw]
* [http://www.cincomsmalltalk.com/BottomFeeder/ BottomFeeder]
* [http://www.rssowl.org/ RSSOwl]

==== FTP Client ====
: ''FileZilla; WS_FTP''
* [http://gftp.seul.org/ gFTP]
* [http://filezilla-project.org/ FileZilla]

==== Instant messenger ====
: ''AIM; ICQ; MSN; Yahoo!; Jabber; Gadu-gadu''
* [http://pidgin.im/ Pidgin] (Formerly GAIM)
* [http://kopete.kde.org/ Kopete]
* [http://www.bitlbee.org/ BitlBee]
* [http://www.amsn-project.net/ aMSN]
* [http://gyachi.sourceforge.net/ GYachI] - enables Yahoo! webcam
* [http://www.kadu.net/ Kadu]

==== Internet Relay Chat ====
: ''mIRC''
* [http://xchat.org XChat]
* [http://irssi.org Irssi]
* [http://www.bitchx.org/ BitchX]
* [http://konversation.kde.org/ Konversation]
* [http://www.kvirc.net/ KVirc]

==== Direct Connect ====
: ''DC++''
* [http://dcgui.berlios.de/ Valknut]
* [http://linuxdcpp.berlios.de/articles.php?um=index Linux DC++]

==== Torrents ====
: ''Torrent clients''
* Also see the Torrent client articles for the current LTS version of [[Ubuntu_Precise_Internet#Filesharing_.2F_P2P Ubuntu]] or [[Kubuntu_Precise_Internet#Filesharing_.2F_P2P Kubuntu]].
* [http://deluge-torrent.org/ Deluge]
* [http://www.bittornado.com/ BitTornado]
* [http://aria2.sourceforge.net/ aria2]
* [http://azureus.sourceforge.net/ Azureus]
* [http://transmission.m0k.org/ Transmission]
* [http://ktorrent.org/ KTorrent]
* [http://amedias.org/~koke/gnome-torrent/ Gnome Torrent]
* [http://gnome-bt.sourceforge.net/ GnomeBT]
* [http://qbittorrent.sourceforge.net/ qBittorrent]

==== P2P ====
: ''eMule, LimeWire''
* [http://www.amule.org/ aMule]
* [http://www.limewire.com LimeWire]
* [http://gtk-gnutella.sourceforge.net/ GTK-Gnutella]

==== VoIP ====
: ''Skype''
* [http://www.skype.com Skype]
* [http://www.gizmoproject.com/ Gizmo]
* [http://www.gnomemeeting.org/ Ekiga]
* [http://www.openwengo.org/ Wengo]

== Graphical User Interface ==

==== Desktop Environment ====
: ''Explorer, Aston, GeoShell''
* [http://www.kde.org/ KDE]
* [http://www.gnome.org/ Gnome]
* [http://www.xfce.org/ Xfce]
* [http://www.enlightenment.org/ Enlightenment]
* [http://rox.sourceforge.net/desktop/ ROX]
* [http://www.xpde.com/ XPde]

==== Window Manager ====
: ''Explorer, WindowsBlind, bb4win''
* [http://www.fluxbox.org/ FluxBox]
* [http://www.freedesktop.org/wiki/Software/waimea Waimea]
* [http://icculus.org/openbox/ OpenBox]
* [http://www.icewm.org/ IceWM]
* [http://integrity.sourceforge.net/ Integrity]
* [http://www.fvwm.org/ FVWM]
* [http://www.afterstep.org/ AfterStep]
* [http://projects.o-hand.com/matchbox/ Matchbox] - for PDA's

== Development ==

==== Web ====
: ''Dreamweaver''
* [http://www.aptana.com/ Aptana]
* [http://www.nvu.com/ Nvu]
* [http://bluefish.openoffice.nl/ Bluefish]
* [http://cssed.sourceforge.net/ cssed] - CSS Editor
* [http://quanta.kdewebdev.org/ Quanta Plus]
* [http://www.screem.org/ Screem]
* [http://www.kompozer.net/ KompoZer]

==== IDE ====
: ''MS Visual studio''
* [http://www.kdevelop.org/ KDevelop]
* [http://www.netbeans.org/ NetBeans]
* [http://anjuta.sourceforge.net/ Anjuta] - Anjuta is a versatile IDE for C and C++, written for GTK/GNOME
* [http://www.eclipse.org/ Eclipse] - An extensible frameworks, tools and runtimes for building, deploying and managing software across the lifecycle
* [http://www.die-offenbachs.de/detlev/eric.html Eric] - Python IDE
* [http://stani.be/python/spe/blog/ SPE] - Stani's Python Editor
* [http://trolltech.com/downloads/opensource Qt]

== Education ==
* [http://www.stellarium.org/ Stellarium] - Virtual Palanetarium
* [http://edu.kde.org/ The KDE Edutainment Project]
* [http://freemind.sourceforge.net/wiki/index.php/Main_Page FreeMind] - Mind Mapping
* [http://maxima.sourceforge.net/ Maxima] with the [http://wxmaxima.sourceforge.net/ wxMaxima GUI] - Mathematica and Maple equivalent CAS

== Games ==
: ''only free or opensource games listed''

==== Action ====
* [http://red.planetarena.org/ Alien Arena 2007]
* [http://crystalcore.svanfeldt.com/ Crystal Core]
* [http://www.cubeengine.com/ Cube]
* [http://www.enemyterritory.com/ Enemy Territory: Quake Wars]
* [http://ioquake3.org/ ioQuake3]
* [http://legendsthegame.net/ Legends]
* [http://www.alientrap.org/nexuiz/ Nexuiz]
* [http://www.openarena.ws/ OpenArena]
* [http://www.s2games.com/savage/ Savage: Battle for Newerth]
* [http://www.transfusion-game.com/ Transfusion]
* [http://www.tremulous.net/ Tremulous]
* [http://www.warsow.net/ Warsow]

==== RPG ====
* [http://home.gna.org/oomadness/en/balazar/ Balazar]
* [http://www.eternal-lands.com/index.php Eternal Lands]
* [http://www.graalonline.com/ GraalOnline]
* [http://www.zeropointgameplay.com/ Mistlands]
* [http://www.planeshift.it/main_01.html PlaneShift]
* [http://secondlife.com/ Second Life]
* [http://www.wesnoth.org/ The Battle for Wesnoth]

==== Racing ====
* [http://ecksdee.sourceforge.net/ Ecksdee]
* [http://maniadrive.raydium.org/ Maniadrive]
* [http://www.motorsport-sim.org/ Motorsport]
* [http://projects.planetpenguin.de/racer/ PlanetPenguin Racer]
* [http://www.racer.nl/ Racer]
* [http://torcs.sourceforge.net/ Torcs]
* [http://sourceforge.net/projects/trigger-rally/ Trigger]
* [http://tuxracer.sourceforge.net/ Tux Racer]
* [http://vdrift.net/ VDrift]
* [http://xmoto.tuxfamily.org/ Xmoto]

==== Others ====
* [http://armagetron.sourceforge.net/ Armagetron]
* [http://boson.eu.org/ Boson]
* [http://www.bzflag.org/ BZFlag]
* [http://fightwinprevail.sourceforge.net/ fight win prevail]
* [http://www.frozen-bubble.org/ Frozen Bubble]
* [http://www.glest.org/en/ Glest]
* [http://www.banghowdy.com/ Bang! Howdy]
* [http://www.nerogame.org/ Nero]
* [http://netpanzer.berlios.de/index.html netPanzer]
* [http://icculus.org/neverball/ Neverball]
* [http://www.scorched3d.co.uk/ Scorched 3D]
* [http://www.x-plane.com/SpaceCombat.html Space Combat]
* [http://spring.clan-sy.com/ Spring]
* [http://themanaworld.org/ The Mana World]

== Office ==

==== Office Suite ====
: ''MS Office''
* [http://www.openoffice.org/ OpenOffice.org]
* [http://www.koffice.org/ KOffice]
* [http://www.gnome.org/gnome-office/ GNOME Office]
* [http://siag.nu/ Siag Office]

==== CAT (Computer Aided Translation) ====
: ''Wordfast, Trados, Déjà Vu, Across, MetaTexis, STAR Transit, etc.''

* [http://www.omegat.org/en/omegat.html OmegaT]
* [http://omegatplus.sourceforge.net/ OmegaT+] (note: these two are different projects with different maintainers)
* [http://anaphraseus.sourceforge.net/ Anaphraseus] "Wordfast" for OpenOffice.org
* [http://translate.sourceforge.net/wiki/virtaal/index Virtaal] (Primary focus: software translation)
* [http://transolution.python-hosting.com/ Transolution] (Primary focus: software translation)

==== Calendar ====
: ''Ms Outlook''
* [http://www.gnome.org/projects/evolution/ Evolution]
* [http://www.mozilla.org/projects/calendar/sunbird/ Mozilla Sunbird]
* [http://www.mozilla.org/projects/calendar/calext/download.html Mozilla Calendar Extension] for Thunderbird and Firefox

==== Desktop Publishing ====
: ''Microsoft Publisher''
* [http://www.scribus.net/ Scribus]

==== Diagram Creation ====
: ''Microsoft Visio''
* [http://www.gnome.org/projects/dia/ Dia]
* [http://www.koffice.org/kivio/ Kivio] (part of [http://www.koffice.org/ KOffice])
* [http://uml.sourceforge.net/index.php Umbrello UML]
* [http://www.visual-paradigm.com/product/vpuml/productinfovpumlce.jsp Visual Paradigm for UML] (Community edition)
* [http://argouml.tigris.org/ ArgoUML]
* [http://graphviz.org/ Graphviz]

== System tools ==

==== File managers ====
: ''Total Commander; FAR''
* [http://krusader.sourceforge.net/ Krusader]
* [http://www.ibiblio.org/mc/ GNU Midnight Commander]
* [http://www.nongnu.org/gcmd/shots.html GNOME Commander]
* [http://vifm.sourceforge.net/ vifm]

: ''Windows Explorer''
* [http://www.konqueror.org/ Konqueror]
* [http://www.gnome.org/projects/nautilus/ Nautilus]
* [http://evidence.sourceforge.net/ Evidence]
* [http://rox.sourceforge.net/desktop/ROX-Filer ROX-Filer]
* [http://thunar.xfce.org/ Thunar]
* [http://enzosworld.gmxhome.de/ Dolphin]

==== CD Burners ====
: ''Nero''
* [http://www.k3b.org/ K3B]
* [http://www.rocketdivision.com/grab_burn.html Grab&Burn]
* [http://www.acetoneteam.org/ AcetoneISO]
* [http://gnomebaker.sourceforge.net/v2/ GnomeBaker]
* [http://www.nero.com/eng/NeroLINUX.html NeroLINUX]
* [http://perso.orange.fr/bonfire/index.htm Brasero]

==== Partition Managers ====
: ''Partition Magic''
* [http://gparted.sourceforge.net/ Gparted]
* [http://qtparted.sourceforge.net/ QtParted]

==== GUI Program installers ====
: ''none''
* [http://www.nongnu.org/synaptic/ Synaptic]
* [http://yumex.python-hosting.com/ Yumex]
* [http://sourceforge.net/projects/kyum Kyum]

== Commercial Applications ==
* [http://www.transgaming.com/ Cedega] - Can help play Windows games on Linux
* [http://www.codeweavers.com/ CrossOver Office] - Run Windows software on Linux
* [http://www.ac3d.org/ AC3D] - 3D modeling software

== Commercial Games ==
* [http://www.tuxgames.com/ Tux Games] - The online store for Linux Games

== Other ==

*[http://kbpublisher.sourceforge.net/ KBPublisher] - knowledge base software
*[http://gramps-project.org/ GRAMPS] - Genealogy database recording software
*[http://sourceforge.net/project/showfiles.php?group_id=219465/ Millennium BSA] - Millennium Business Suite Anywhere (BSA) is web based ERP/CRM solution with integrated BPM. Millennium BSA automates resources' planning (MRPII), distribution, inventory, payroll, HR, purchase, sales. Millennium BSA is distributed under GPL V2. Project web site [http://www.m-g.ru/ www.m-g.ru]

== Useful Links to Linux program lists ==

* http://gnomefiles.org/
* http://www.gfiles.org/
* http://www.linuxsoft.cz/en/
* https://wiki.ubuntu.com/LoopList
* http://freshmeat.net/
* http://kde-files.org/
* http://www.linuxrsp.ru/win-lin-soft/table-eng.html
* http://alts.homelinux.net/
* [http://www.debianhelp.co.uk/tools.htm List of open-source tools and software]
* [http://en.wikipedia.org/wiki/List_of_Unix_programs List Of Unix Programs (Wikipedia)]
* [http://www.argentilinux.com.ar/ List of Linux Applications] (Spanish)
* [http://www.osalt.com Open-source alternative]
* [http://f-droid.org F-Droid] is the repository for free and open source software (almost all of it ad-free) for the Google Android platform.

Dynamic dns

Perspectoff — Sat, 08 Jun 2013 16:23:11 GMT

Perspectoff: Redirected page to Dynamic IP servers

#REDIRECT [[Dynamic_IP_servers]]

Template:Dynamic IP servers

Perspectoff — Sat, 08 Jun 2013 16:13:15 GMT

Perspectoff: /* Other DDNS services */

= Dynamic IP servers =
I used to like the ''DynDNS'' service because they are one of the oldest (and in the past had completely free services available). Although these examples use this service, there are [[#Other_DDNS_services|other services]] that can be used with similar setups (and some are still completely free). (Although DynDNS no longer offers free anonymous accounts, it is still possible to get a free account using a credit card. See [http://www.dyncommunity.com/questions/21580/from-dyn-what-happened-to-free-accounts.html this info.] Create an account, sign up for a free trial (with the credit card), then cancel the free trial. They will then give you the option to continue with a free URL.)

== Single URL and a DynDNS-capable router ==
My router happens to have a built-in updater for ''DynDNS'' (and for ''TZO''). In the DDNS section of the router configuration, I can set the name of a single URL I have registered with ''DynDNS'' (or ''TZO''), along with the username and password I have previously set up at [http://www.dyndns.com/services/dns/dyndns/ ''DynDNS.com'']. The router does the rest automatically for me. If you are using a single URL and have a similar router capability, then this will be the easiest setup by far. First register for a username (with password) at ''DynDNS'' (or ''TZO'') and set the URL name there that the server on your host will use. Then input the information into your router's configuration page. The router will do the rest.

== Multiple URLs ==
I use multiple URLs because I run multiple webservers from my host computer. However, the router I currently use only allows me to update one of the URLs. I therefore need an updater program in order to update all of the URLs at the same time.

=== ddclient ===
[[File:Prefapp1.png|18 px]] [http://sourceforge.net/p/ddclient/wiki/Home/ ddclient] is a perl-based client that updates the ''DynDNS'' (or other dynamic IP DNS service) database to keep track of your host computer's changing dynamic IP address. ''DynDNS'' is a public [http://en.wikipedia.org/wiki/Domain_Name_System DNS] server, and will match your URL name to whichever (current) dynamic IP address that the ddclient sends to ''DynDNS''. Setup will be easiest if you register for a username/password at ''DynDNS.com'' (or other dynamic IP DNS service) and set up your desired URLs there, first. Then install the updater client program:
sudo apt-get install ddclient

:If this is the first time you have installed ddclient, you will be prompted for the URL(s) you registered with [http://www.dyndns.com/services/dns/dyndns/ ''DynDNS.com''] (or other dynamic IP DNS service). You will also be prompted for the username/password your registered with ''DynDNS.com''. Lastly, you will be asked which ethernet port your primarily use to connect to the Internet (eth0 for wired, wlan0 for wireless, usually).

The system will function with no further setup if you input the variables correctly. See [http://www.dyndns.com/support/kb/using_ddclient_with_dyndns_services.html this ''DynDNS'' page] for instructions on additional customizations available for use with ''DynDNS''.

==== Edit ddclient configuration ====
*Edit the ddclient configuration file (use ''kate'' instead of ''nano'' in Kubuntu, or ''gedit'' instead of ''nano'' in Ubuntu):
sudo nano /etc/ddclient.conf

*To set the number of seconds between updates, I add the line
daemon=3600

:My dynamic IP only changes rarely, so I only check it hourly (3600 seconds in an hour).

*To use secure SSL communications, I add the line
ssl=yes

*To use the DynDNS checkip service (which will autodetect your current IP address), I add the line
use=web, web=checkip.dyndns.com/, web-skip='IP Address'

My configuration file now looks like:
# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
#
# Check the current IP address. Either check the eth0 port for its current IP address (can't be used on a LAN),
# or use the DynDNS IP checking service.
daemon=3600
pid=/var/run/ddclient.pid
#use=if, if=eth0
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
#
# Login and change the values at the DynDNS site, using SSL.
protocol=dyndns2
ssl=yes
server=members.dyndns.org
login=''myDynDNSusername''
password=' ''myDynDNSuserpassword'' '
''mysite_1.dynds.org'',''mysite_2.dyndns.org'',''mysite_3.dyndns.org''

::Note that the password must be enclosed in quotation marks, e.g 'myDynDNSuserpassword' for ''DynDNS''.

*Ensure that the configuration is working:
sudo ddclient -daemon=0 -debug -verbose -noquiet

*Note that you can add additional services and/or domain names to be updated simply by adding an additional block to the configuration file (appropriate for the service). Here is an example (see below for references to additional examples).
protocol=''otherDDNSservice''
server=''whatever.ddnsservice.org''
login=''MyOtherDDNSserviceusername''
password=''MyOtherDDNSservicepassword''
''mysite4.dnsservice.org'', mysite5.dnsservice.org''

===== Run ddclient using cron =====
[http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html Cron] is the automatic task scheduler for Linux systems. Although ddclient runs as a daemon, for various reasons I have found it necessary to force an update at least once a day. This can be done as a daily scheduled task, using cron. See [http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html here] for a full description of cron and its options or [https://help.ubuntu.com/community/CronHowto Ubuntu Community Help].

* Edit the crontab with administrative (root) privileges:
sudo crontab -e

* Add the line:
45 04 * * * /etc/init.d/ddclient --force

:This will run ddclient and force an update daily at 0400 (actually at 04:45).

* I also happen to like to reboot the machine weekly on Tuesday (day 2 of the week) nights at 1:30 am, so I add the line:

30 01 * * 2 reboot

:Clearly this is a personal preference and is optional.

==== Other DDNS services ====
*[http://sourceforge.net/apps/trac/ddclient/wiki/Protocols The ddclient wiki] lists some configurations for other services ([http://namecheap.simplekb.com/kb.show?show=article&articleid=583&categoryid=11 NameCheap], [http://www.dnspark.com/services/dynamicDNS.php DNSPark], [http://www.dslreports.com/faq/240 DSLReports], [http://www.easydns.com/dynamicdns.php3 EasyDNS], [http://www.zoneedit.com/doc/dynamic.html#faq1 ZoneEdit]), also.

*More info can be found on the [http://sourceforge.net/projects/ddclient/forums/forum/399428 ddclient forums].

*A list of DDNS providers is at [http://www.dmoz.org/Computers/Internet/Protocols/DNS/Service_Providers/Dynamic_DNS/ DMOZ] and [http://dnslookup.me/dynamic-dns/ Dynamic DNS].
:*Choose a Dynamic DNS Registrar that is reputable and whom you trust. A Dynamic DNS provider is able to redirect your server traffic to an anonymous IP address by using a type of [http://en.wikipedia.org/wiki/Man-in-the-middle_attack "man-in-the-middle"] redirection (and thereby potentially could intercept your communications). This can be an obvious security risk. Always use SSL/TLS and/or SASL authentication with security certificates, and be sure to [[Kubuntu_Precise_Privacy|encrypt]] any email that has confidential information in it.

=== Other Dynamic DNS updater clients ===
* [http://ipcheck.sourceforge.net/ IPcheck] is a Python-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install ipcheck
* [http://inatech.eu/inadyn/readme.html Inadyn] is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. Install:
sudo apt-get install inadyn
* [http://packages.debian.org/en/squeeze/ez-ipupdate EZ-IPUpdate] is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. (The [http://www.ez-ipupdate.com website] for this package may or may not be functional.) Install:
sudo apt-get install ez-ipupdate
* [http://cpan.netnitco.net/authors/id/J/JA/JARIAALTO/dyndns-2001.1217.pl DynDns] is another perl-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install dyndns
* [http://zoneclient.sourceforge.net/ Zoneclient] is another Python-based script to update a dynamic IP address with a Dynamic DNS-capable registrar.

== Redirecting a URL ==
Most free Dynamic DNS providers allow only 1 or 2 free URLs, and they usually include the domain name of the provider itself. For example, DynDNS domains are often of the format ''mydomain''.dyndns.org or something similar.

If you have registered a URL with a different DNS registrar, it can be forwarded to the free URL created at the dynamic DNS provider. (The Dynamic DNS providers (e.g. ''DynDNS'') hope that you will register your URL with them, of course, so that they can make money.)

The dynamic domain URL (e.g. ''mydomain.dyndns.org'') points to the numeric IP address of your location (router/computer). When traffic is routed to this dynamic domain URL, it is then re-rerouted to the correct numeric IP address. This can be a transparent process and, if desired, it is not necessary to reference the dynamic URL except in the forwarding rules from the original DNS registrar to the Dynamic DNS registrar (e.g. ''DynDNS'').

Using forwarding rules, an infinite number of URLs can be forwarded to a single dynamic URL. The primary host that resides at the destination IP address must then resolve the forwarded URLs (using virtual host or .htaccess files) and direct them to the appropriate server on the computer (or LAN).

=== CNAME aliases ===
Different DNS registrars have different methods of forwarding a URL, but in general there is one method common to all of them: CNAME aliases.

If you have a URL registered with a DNS registrar, go to the DNS settings for your domain name. Delete any A records (or other entries) and use only CNAME entries.

For example, let's say my free Dynamic DNS URL is ''mydomain.dyndns.org'' (at ''DynDNS.com''). My domain URL is ''mydomain.me'', registered at ''SuperDuper'' DNS Registrar.

Logging into ''SuperDuper'' DNS Registrar, I edit the DNS settings for ''mydomain.me'' (which in my control panel is found under ''Manage DNS''). I make sure I have these entries:
Name Type Content
@ CNAME ''mydomain''.dyndns.org.
www CNAME ''mydomain''.dyndns.org.

The period ("full stop") at the end of the URL is important to designate that the CNAME is a FQDN (fully qualified domain name). A CNAME should not have "http://" in it. The @ symbol indicates a URL name without the first segment, e.g. the URL ''mydomain.me'' by itself.

Using CNAME aliasing, the original URL is retained in the browser. It is up to you (using virtual host files or Rewrite rules in the .htaccess files of Apache, for example) if you wish to massage the URL at your server (to change it to a canonical name) or redirect it.

=== URL forwarding ===
Some domain name registrars have a URL forwarding option. The method of implementation varies from provider to provider, however, and (depending on the DNS registrar) is often not as reliable as CNAME aliases. URL forwarding may be enabled using a DNS setting (similar to a CNAME alias) such as "URL redirect" or it may be in the form of a "Web forwarding" service. Check with your DNS registrar for specific instructions.

=== Examples ===
==== Multiple domain name URLs, single Dynamic URL ====
I have 3 servers on my host, each using a different domain name:
* ''mysite_1.mydomain.org'' is registered at ''MasterBlaster'' DNS Registrar.
* ''mysite_2.mydomain.org'' is registered at ''MasterBlaster'' DNS Registrar.
* ''mysite_3.myotherdomain.me'' is registered at ''Felix'' DNS Registrar. This site can also be accessed as ''myotherdomain.me'' and ''www.myotherdomain.me''.

I registered a free Dynamic URL at ''DynDNS'' and using ddclient make sure it is forwarded to my dynamic IP address (using the instructions above):
* ''bagoftricks.dyndns.org''

At ''MasterBlaster'' DNS Registrar I set up CNAME forwarding for ''mydomain.org'':

Name Type Content
mysite_1 CNAME ''bagoftricks.dyndns.org''.
mysite_2 CNAME ''bagoftricks.dyndns.org''.

At ''Felix'' DNS Registrar I set up CNAME forwarding for ''myotherdomain.me'':

Name Type Content
@ CNAME ''bagoftricks.dyndns.org''.
www CNAME ''bagoftricks.dyndns.org''.
mysite_3 CNAME ''bagoftricks.dyndns.org''.

On the host computer on my LAN to which incoming port 80 and 443 traffic is initially directed (by the router), I use Apache virtual host files for each of the incoming URLs.

*For example, ''mysite_3.myotherdomain.me'' is a MediaWiki website stored at /etc/mediawiki/''mysite_3''. There is a symbolic link from /var/www/''MySite_3'' to /etc/mediawiki/''mysite_3'', which was created:
sudo ln -s /etc/mediawiki/''mysite_3'' /var/www/''MySite_3''

A virtual host configuration file named ''MySite3'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite3''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_3''
DirectoryIndex index.php index.html
#
ServerName ''mysite3.myotherdomain.me''
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias ''www.myotherdomain.me'' ''myotherdomain.me''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_3''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite3'' /etc/apache2/sites-enabled/''MySite3''
sudo /etc/init.d/apache2 restart

*''Mysite_1'' is a Drupal6 website stored at /etc/drupal/6/sites/''mysite_1.mydomain.org''. There is a symbolic link from /etc/drupal/6/sites/''mysite_1.mydomain.org'' to /var/www/''MySite_1'', which was created:
sudo ln -s /etc/drupal/6/sites/''mysite_1.mydomain.org'' /var/www/''MySite_1''

A virtual host configuration file named ''MySite1'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite1''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_1''
DirectoryIndex index.php index.html
#
ServerName ''mysite_1.mydomain.org''
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias ''mysite_1.mydomain.org''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_1''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite1'' /etc/apache2/sites-enabled/''MySite1''
sudo /etc/init.d/apache2 restart

*Similarly, ''Mysite_2'' is a MediaWiki website stored at /etc/mediawiki/''mysite_2''. There is a symbolic link from /etc/mediawiki/''mysite_2'' to /var/www/''MySite_2'', which was created:
sudo ln -s /etc/mediawiki/''mysite_2'' /var/www/''MySite_2''

A virtual host configuration file named ''MySite2'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite2''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_2''
DirectoryIndex index.php index.html
#
ServerName ''mysite_2.mydomain.org''
## We want to be able to access the web site using ''foobar1.dyndns.org'' or ''www.foobar1.dyndns.org''
ServerAlias ''mysite_2.mydomain.org''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_2''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite2'' /etc/apache2/sites-enabled/''MySite2''
sudo /etc/init.d/apache2 restart

*If the servers are on different computers on the LAN, then [[Apache2_reverse_proxies|Apache reverse proxy]] virtual host files should be used.

Template:Dynamic IP servers

Perspectoff — Sat, 08 Jun 2013 16:10:27 GMT

Perspectoff: /* Other DDNS services */

= Dynamic IP servers =
I used to like the ''DynDNS'' service because they are one of the oldest (and in the past had completely free services available). Although these examples use this service, there are [[#Other_DDNS_services|other services]] that can be used with similar setups (and some are still completely free). (Although DynDNS no longer offers free anonymous accounts, it is still possible to get a free account using a credit card. See [http://www.dyncommunity.com/questions/21580/from-dyn-what-happened-to-free-accounts.html this info.] Create an account, sign up for a free trial (with the credit card), then cancel the free trial. They will then give you the option to continue with a free URL.)

== Single URL and a DynDNS-capable router ==
My router happens to have a built-in updater for ''DynDNS'' (and for ''TZO''). In the DDNS section of the router configuration, I can set the name of a single URL I have registered with ''DynDNS'' (or ''TZO''), along with the username and password I have previously set up at [http://www.dyndns.com/services/dns/dyndns/ ''DynDNS.com'']. The router does the rest automatically for me. If you are using a single URL and have a similar router capability, then this will be the easiest setup by far. First register for a username (with password) at ''DynDNS'' (or ''TZO'') and set the URL name there that the server on your host will use. Then input the information into your router's configuration page. The router will do the rest.

== Multiple URLs ==
I use multiple URLs because I run multiple webservers from my host computer. However, the router I currently use only allows me to update one of the URLs. I therefore need an updater program in order to update all of the URLs at the same time.

=== ddclient ===
[[File:Prefapp1.png|18 px]] [http://sourceforge.net/p/ddclient/wiki/Home/ ddclient] is a perl-based client that updates the ''DynDNS'' (or other dynamic IP DNS service) database to keep track of your host computer's changing dynamic IP address. ''DynDNS'' is a public [http://en.wikipedia.org/wiki/Domain_Name_System DNS] server, and will match your URL name to whichever (current) dynamic IP address that the ddclient sends to ''DynDNS''. Setup will be easiest if you register for a username/password at ''DynDNS.com'' (or other dynamic IP DNS service) and set up your desired URLs there, first. Then install the updater client program:
sudo apt-get install ddclient

:If this is the first time you have installed ddclient, you will be prompted for the URL(s) you registered with [http://www.dyndns.com/services/dns/dyndns/ ''DynDNS.com''] (or other dynamic IP DNS service). You will also be prompted for the username/password your registered with ''DynDNS.com''. Lastly, you will be asked which ethernet port your primarily use to connect to the Internet (eth0 for wired, wlan0 for wireless, usually).

The system will function with no further setup if you input the variables correctly. See [http://www.dyndns.com/support/kb/using_ddclient_with_dyndns_services.html this ''DynDNS'' page] for instructions on additional customizations available for use with ''DynDNS''.

==== Edit ddclient configuration ====
*Edit the ddclient configuration file (use ''kate'' instead of ''nano'' in Kubuntu, or ''gedit'' instead of ''nano'' in Ubuntu):
sudo nano /etc/ddclient.conf

*To set the number of seconds between updates, I add the line
daemon=3600

:My dynamic IP only changes rarely, so I only check it hourly (3600 seconds in an hour).

*To use secure SSL communications, I add the line
ssl=yes

*To use the DynDNS checkip service (which will autodetect your current IP address), I add the line
use=web, web=checkip.dyndns.com/, web-skip='IP Address'

My configuration file now looks like:
# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
#
# Check the current IP address. Either check the eth0 port for its current IP address (can't be used on a LAN),
# or use the DynDNS IP checking service.
daemon=3600
pid=/var/run/ddclient.pid
#use=if, if=eth0
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
#
# Login and change the values at the DynDNS site, using SSL.
protocol=dyndns2
ssl=yes
server=members.dyndns.org
login=''myDynDNSusername''
password=' ''myDynDNSuserpassword'' '
''mysite_1.dynds.org'',''mysite_2.dyndns.org'',''mysite_3.dyndns.org''

::Note that the password must be enclosed in quotation marks, e.g 'myDynDNSuserpassword' for ''DynDNS''.

*Ensure that the configuration is working:
sudo ddclient -daemon=0 -debug -verbose -noquiet

*Note that you can add additional services and/or domain names to be updated simply by adding an additional block to the configuration file (appropriate for the service). Here is an example (see below for references to additional examples).
protocol=''otherDDNSservice''
server=''whatever.ddnsservice.org''
login=''MyOtherDDNSserviceusername''
password=''MyOtherDDNSservicepassword''
''mysite4.dnsservice.org'', mysite5.dnsservice.org''

===== Run ddclient using cron =====
[http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html Cron] is the automatic task scheduler for Linux systems. Although ddclient runs as a daemon, for various reasons I have found it necessary to force an update at least once a day. This can be done as a daily scheduled task, using cron. See [http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html here] for a full description of cron and its options or [https://help.ubuntu.com/community/CronHowto Ubuntu Community Help].

* Edit the crontab with administrative (root) privileges:
sudo crontab -e

* Add the line:
45 04 * * * /etc/init.d/ddclient --force

:This will run ddclient and force an update daily at 0400 (actually at 04:45).

* I also happen to like to reboot the machine weekly on Tuesday (day 2 of the week) nights at 1:30 am, so I add the line:

30 01 * * 2 reboot

:Clearly this is a personal preference and is optional.

==== Other DDNS services ====
*[http://sourceforge.net/apps/trac/ddclient/wiki/Protocols The ddclient wiki] lists some configurations for other services ([http://namecheap.simplekb.com/kb.show?show=article&articleid=583&categoryid=11 NameCheap], [http://www.dnspark.com/services/dynamicDNS.php DNSPark], [http://www.dslreports.com/faq/240 DSLReports], [http://www.easydns.com/dynamicdns.php3 EasyDNS], [http://www.zoneedit.com/doc/dynamic.html#faq1 ZoneEdit]), also.

*More info can be found on the [http://sourceforge.net/projects/ddclient/forums/forum/399428 ddclient forums].

*A list of DDNS providers is at [http://www.dmoz.org/Computers/Internet/Protocols/DNS/Service_Providers/Dynamic_DNS/ DMOZ] and [http://dnslookup.me/dynamic-dns/ Dynamic DNS].
:*Choose a Dynamic DNS Registrar that is reputable and whom you trust. A Dynamic DNS provider is able to redirect your server traffic to an anonymous IP address by using a type of [http://en.wikipedia.org/wiki/Man-in-the-middle_attack "man-in-the-middle"] redirection (and thereby potentially could intercept your communications). This can be an obvious security risk. Always use SSL/TLS and/or SASL authentication with security certificates, and be sure to [[Ubuntu:All#PGP_.28Message_Encryption.29|encrypt]] any email that has confidential information in it.

=== Other Dynamic DNS updater clients ===
* [http://ipcheck.sourceforge.net/ IPcheck] is a Python-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install ipcheck
* [http://inatech.eu/inadyn/readme.html Inadyn] is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. Install:
sudo apt-get install inadyn
* [http://packages.debian.org/en/squeeze/ez-ipupdate EZ-IPUpdate] is a client/script to update a dynamic IP address with several Dynamic DNS-capable registrars. (The [http://www.ez-ipupdate.com website] for this package may or may not be functional.) Install:
sudo apt-get install ez-ipupdate
* [http://cpan.netnitco.net/authors/id/J/JA/JARIAALTO/dyndns-2001.1217.pl DynDns] is another perl-based client/script to update a dynamic IP address with a Dynamic DNS-capable registrar. Install:
sudo apt-get install dyndns
* [http://zoneclient.sourceforge.net/ Zoneclient] is another Python-based script to update a dynamic IP address with a Dynamic DNS-capable registrar.

== Redirecting a URL ==
Most free Dynamic DNS providers allow only 1 or 2 free URLs, and they usually include the domain name of the provider itself. For example, DynDNS domains are often of the format ''mydomain''.dyndns.org or something similar.

If you have registered a URL with a different DNS registrar, it can be forwarded to the free URL created at the dynamic DNS provider. (The Dynamic DNS providers (e.g. ''DynDNS'') hope that you will register your URL with them, of course, so that they can make money.)

The dynamic domain URL (e.g. ''mydomain.dyndns.org'') points to the numeric IP address of your location (router/computer). When traffic is routed to this dynamic domain URL, it is then re-rerouted to the correct numeric IP address. This can be a transparent process and, if desired, it is not necessary to reference the dynamic URL except in the forwarding rules from the original DNS registrar to the Dynamic DNS registrar (e.g. ''DynDNS'').

Using forwarding rules, an infinite number of URLs can be forwarded to a single dynamic URL. The primary host that resides at the destination IP address must then resolve the forwarded URLs (using virtual host or .htaccess files) and direct them to the appropriate server on the computer (or LAN).

=== CNAME aliases ===
Different DNS registrars have different methods of forwarding a URL, but in general there is one method common to all of them: CNAME aliases.

If you have a URL registered with a DNS registrar, go to the DNS settings for your domain name. Delete any A records (or other entries) and use only CNAME entries.

For example, let's say my free Dynamic DNS URL is ''mydomain.dyndns.org'' (at ''DynDNS.com''). My domain URL is ''mydomain.me'', registered at ''SuperDuper'' DNS Registrar.

Logging into ''SuperDuper'' DNS Registrar, I edit the DNS settings for ''mydomain.me'' (which in my control panel is found under ''Manage DNS''). I make sure I have these entries:
Name Type Content
@ CNAME ''mydomain''.dyndns.org.
www CNAME ''mydomain''.dyndns.org.

The period ("full stop") at the end of the URL is important to designate that the CNAME is a FQDN (fully qualified domain name). A CNAME should not have "http://" in it. The @ symbol indicates a URL name without the first segment, e.g. the URL ''mydomain.me'' by itself.

Using CNAME aliasing, the original URL is retained in the browser. It is up to you (using virtual host files or Rewrite rules in the .htaccess files of Apache, for example) if you wish to massage the URL at your server (to change it to a canonical name) or redirect it.

=== URL forwarding ===
Some domain name registrars have a URL forwarding option. The method of implementation varies from provider to provider, however, and (depending on the DNS registrar) is often not as reliable as CNAME aliases. URL forwarding may be enabled using a DNS setting (similar to a CNAME alias) such as "URL redirect" or it may be in the form of a "Web forwarding" service. Check with your DNS registrar for specific instructions.

=== Examples ===
==== Multiple domain name URLs, single Dynamic URL ====
I have 3 servers on my host, each using a different domain name:
* ''mysite_1.mydomain.org'' is registered at ''MasterBlaster'' DNS Registrar.
* ''mysite_2.mydomain.org'' is registered at ''MasterBlaster'' DNS Registrar.
* ''mysite_3.myotherdomain.me'' is registered at ''Felix'' DNS Registrar. This site can also be accessed as ''myotherdomain.me'' and ''www.myotherdomain.me''.

I registered a free Dynamic URL at ''DynDNS'' and using ddclient make sure it is forwarded to my dynamic IP address (using the instructions above):
* ''bagoftricks.dyndns.org''

At ''MasterBlaster'' DNS Registrar I set up CNAME forwarding for ''mydomain.org'':

Name Type Content
mysite_1 CNAME ''bagoftricks.dyndns.org''.
mysite_2 CNAME ''bagoftricks.dyndns.org''.

At ''Felix'' DNS Registrar I set up CNAME forwarding for ''myotherdomain.me'':

Name Type Content
@ CNAME ''bagoftricks.dyndns.org''.
www CNAME ''bagoftricks.dyndns.org''.
mysite_3 CNAME ''bagoftricks.dyndns.org''.

On the host computer on my LAN to which incoming port 80 and 443 traffic is initially directed (by the router), I use Apache virtual host files for each of the incoming URLs.

*For example, ''mysite_3.myotherdomain.me'' is a MediaWiki website stored at /etc/mediawiki/''mysite_3''. There is a symbolic link from /var/www/''MySite_3'' to /etc/mediawiki/''mysite_3'', which was created:
sudo ln -s /etc/mediawiki/''mysite_3'' /var/www/''MySite_3''

A virtual host configuration file named ''MySite3'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite3''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_3''
DirectoryIndex index.php index.html
#
ServerName ''mysite3.myotherdomain.me''
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias ''www.myotherdomain.me'' ''myotherdomain.me''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_3''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite3'' /etc/apache2/sites-enabled/''MySite3''
sudo /etc/init.d/apache2 restart

*''Mysite_1'' is a Drupal6 website stored at /etc/drupal/6/sites/''mysite_1.mydomain.org''. There is a symbolic link from /etc/drupal/6/sites/''mysite_1.mydomain.org'' to /var/www/''MySite_1'', which was created:
sudo ln -s /etc/drupal/6/sites/''mysite_1.mydomain.org'' /var/www/''MySite_1''

A virtual host configuration file named ''MySite1'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite1''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_1''
DirectoryIndex index.php index.html
#
ServerName ''mysite_1.mydomain.org''
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias ''mysite_1.mydomain.org''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_1''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite1'' /etc/apache2/sites-enabled/''MySite1''
sudo /etc/init.d/apache2 restart

*Similarly, ''Mysite_2'' is a MediaWiki website stored at /etc/mediawiki/''mysite_2''. There is a symbolic link from /etc/mediawiki/''mysite_2'' to /var/www/''MySite_2'', which was created:
sudo ln -s /etc/mediawiki/''mysite_2'' /var/www/''MySite_2''

A virtual host configuration file named ''MySite2'' was then created in /etc/apache2/sites-available (use ''gedit'' instead of ''kate'' in Ubuntu):
sudo kate /etc/apache2/sites-available/''MySite2''

and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/''MySite_2''
DirectoryIndex index.php index.html
#
ServerName ''mysite_2.mydomain.org''
## We want to be able to access the web site using ''foobar1.dyndns.org'' or ''www.foobar1.dyndns.org''
ServerAlias ''mysite_2.mydomain.org''
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/''MySite_2''>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>

:The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/''MySite2'' /etc/apache2/sites-enabled/''MySite2''
sudo /etc/init.d/apache2 restart

*If the servers are on different computers on the LAN, then [[Apache2_reverse_proxies|Apache reverse proxy]] virtual host files should be used.

Dynamic DNS

Perspectoff — Sat, 08 Jun 2013 16:03:13 GMT

Perspectoff: Redirected page to Dynamic IP servers

#REDIRECT [[Dynamic_IP_servers]]

Template:Dynamic IP servers

Perspectoff — Sat, 08 Jun 2013 16:01:25 GMT