1. 3

    I’ll be working on securing some Ubuntu Linux servers. At this point I’m mostly thinking IP tables. Any suggestions in that area would immensely appreciated.

    I’ll also be looking into the best way to add formatted text my pet project using GTK and Vala. Right now I’m just writing out to a textbox and frankly it’s hideous and unreadable. I need a better way really bad.

    1. 5

      i’ve always ran http://www.fail2ban.org/wiki/index.php/Main_Page + some aggressive firewall rules

      1. 2

        Fail2ban looks like something we could really use, thanks!

      2. 3

        I recommend using ferm instead of messing with iptables rules directly. It makes some great abstractions and it’s a lot cleaner to read imho.

        As others have said, run fail2ban on any public facing services. rkhunter and Monit can also be helpful.

        Make sure you also subscribe to ubuntu-security-announce so you stay up to date with any security releases.

        1. 3

          I use logwatch for emailing me logs.

          If someday you happen to have your servers invaded it would be great to have non-compromised logs.

          1. 3

            How are you liking the new valadoc the designers did an amazing job. I didn’t like the 90’s look it had earlier.

            1. 2

              I really like it actually. I’m glad someone finally put time in to making it look nice.

              I don’t know for sure, but I assume, the same people are doing vala-lang. I wish they would finish.

              1. 2

                The valadoc website was mainly designed by the folks at elementary OS and yes the person from vala-lang is also involved with the project. If you want to give some feedback on the website, you can dropinto #elementary on freenode, it’s bridged to the slack where everyone hangouts. You can also send me a message and i’ll relay it there (i am a contributor to elementary OS)

            2. 3

              Is your vala project on github?

              1. 1
              2. 2

                IIRC, GTK labels support very basic HTML, and worst case, you can render it with Pango manually.

                1. 2

                  If your UI isn’t terribly complicated and portability isn’t an issue, then honestly the best way is to toss GTK in the trash.

                  I maintain a MUD client which I initially wrote against GTK. I ran into the same problem as you, got annoyed, and rewrote it to directly call X11 functions. The new code is shorter and it’s not a gigantic pain in the ass to go off-piste.

                  1. 2

                    I maintain a MUD client which I initially wrote against GTK. I ran into the same problem as you, got annoyed, and rewrote it to directly call X11 functions. The new code is shorter and it’s not a gigantic pain in the ass to go off-piste.

                    Calling X11 directly is cleaner than an actual GUI toolkit? Or even Athena vs. any modern toolkit? Most people I’ve seen would have switched to Qt, but I’ve never seen anyone call X11. How is portability?

                    1. 1

                      For what it’s worth, my UI looks like this.

                      How is portability?

                      It runs on at least two different Linux distributions :)

                      1. 2

                        Blast from the past! Does Medievia still claim not to be a Diku? :)

                        1. 1

                          I don’t think anyone has brought it up for a few years, but you can still pay cash for ingame items, so I guess that counts. :<

                    2. 1

                      No, at this point, the UI isn’t that bad. I’ve seen a lot worse.

                      I’m not wedded to GTK in any other way except the rest of the program is written in Vala.

                      I’ve thought about just embedding a web browser and going that route. I think I can do WebKit without a lot of work. My only hesitation there is that I’ll have to do web design and I’m terrible at that.

                      1. 2

                        Is your project open source? I’d be open to helping you with the design part. ;)

                        1. 1
                    3. 2

                      Ossec.net is nifty to get you alerts about what’s happening on the system ?