Linux is More Secure

Linux is more secure than Windows. That would be because there are far fewer Linux users. It’s just not worth it for hackers to target Linux networks. There are even fewer Linux users than MacOS. In fact, Linux owns only about three percent of the computer market, compared to Microsoft’s lion’s share of 80 percent. If you’re going to spread a malicious piece of malware, Linux just offers a lower target opportunity.

There are other reasons Linux is more secure—difficulty of planting malware files, lack of automatic admin access, and a vigilant group of open-source developers, to name a few.

However, Linux Is Not Bulletproof

Linux operates in the wild and has about 15,000 developers working for over 1,400 companies, including Microsoft and Samsung. With over 24 million lines of code in its kernel—the core of its operating system—Linux has vulnerabilities and shortcomings:

• Outdated third-party software programs. Those programs can poke holes in Linux and open it to exploitation. Programs like MySQL with unsecured user access permit unauthorized entry to the user’s Linux network.
• Data loss by Linux admins. This has been a byproduct of poor data backup practices prior to system crashes. For example, many users typically back up files rather than the entire operating system. They fall for the myth that Linux-based systems are 100 percent secure.
• Poor password practices and enforcement. Linux administrators often use easy-to-decipher user credentials and passwords that are easy to crack.
• An alarming lack of security patches and patch management. Windows employs frequent security patches as a matter of self-preservation. Linux does not share anything near the same level of patch management. Many Linux systems can be exploited with malware like the Messaploit tool used to attack Android systems.
• Common vulnerabilities and exposures (CVE). The top 5 Linux vulnerabilities are technical flaws that plague Linux users. See this web articleat SecurityTraining.com for a list of the top 5 Linux vulnerabilities.

Finally, Linux provides free and open access to its core services. Making those core services available to anyone who has access to the system provides evil-doers with the keys to the kingdom. Those vulnerabilities can be:

• Exposed sensitive files
• User Account Infiltration
• Intercepted communications

Linux VPN to the Rescue

A VPN (virtual private network) provides a private connection to the internet. The user’s internet traffic arrives at its destination through another computer at a location selected by the user. Hackers and spies observing the user’s online activity can only know that the user’s computer is online and communicating with another computer on the network. The communications are encrypted and the user’s location is spoofed.

When the user connects to the VPN client, all internet traffic goes through the VPN service, which offers the aforementioned privacy and security. The user can either install the VPN from the Linux command line, or subscribe to a VPN service like Surfshark.

A Linux VPN client like Surfshark is a line of defense for heavy web users, who access multiple networks with unknown security and trustworthiness. Whether working from home or logging on to public WiFi hotspots, or simply wanting to screen a home internet service provider from the user’s online activity, VPN provides the means to do all that.

5 Advantages of VPN

1. A VPN bypasses user logs and ISP snoopers.Website providers frequently maintain logs on user behavior and sell the data to marketers. Without VPN, the user’s net activity and data downloads become a permanent record on sites the user visits. Net activity is the basis for big data that internet providers collect and sell to marketers. A VPN masks that activity and protects the user’s privacy and vulnerability to targeted online advertising.
2. A VPN defeats net censorship. Some governments restrict access to political websites they don’t want their citizens visiting. That blocking can go beyond simply protecting copyrights and licensing and becomes censorship. Since a VPN disguises the users’ location, it can defeat censorship. A VPN redirects the user to a server beyond the control of the censoring government.
3. A VPN will defeat a so-called man-in-the-middle attack. Logging into a non-secure public Wi-Fi connection opens the user to compromise of passwords, log-in credentials, and online financial transactions/communications. Tech-savvy hackers lurk in coffee shops, airport lounges and other places waiting for users to log in.

Those attacks consist of:

• rogue Wi-Fi networks that spoof the local unsecured website. The hacker intercepts the user’s connection and routes the victim to the fake network to do all kinds of damage.
• malware and open-sourced software installed on the user’s device
• theft of browser session cookies, which consist of unsecure login information and email account access

The best precaution against someone inserting themselves between the user and the online destination—in addition to malware protection and commonsense precautions—is to use a VPN.

4. A VPN by passes geo-restrictions.Geo-restrictions block users from accessing outside websites based on the user’s location. VPNs bypass those restrictions by logging in with an allowed IP address. By redirecting the internet connection to a remote server, the VPN spoofs the user’s IP address as if the user is logging locally.
5. A VPN thwarts abusive sales practices. Some online vendors use geo restrictions to post different prices for specific geographical areas. That practice results in the posting of higher product prices for more affluent areas. Using VPN, comparison shoppers can compare prices by logging into geographically separated servers. This also applies to shopping around for the best prices for airline and hotel prices.

How to Install a VPN on a Linux System

1. A do-it-yourself Linux VPN setup

To install VPN on Linux the user needs to be fairly skilled in Linux programming and understand command line language. Of course, the user must have a computer with Linux OS (Ubuntu, for example) with admin/sudo privileges. A working knowledge of VPN is also helpful.

The process initially involves changing the user’s domain name server to provide the first level of VPN privacy. That first step drops the user’s internet connection temporarily and requires a restart. Next, any DNS leaks—disconnects or drops from the VPN server—have to be fixed on the web browser.

The final step is to download and install a free VPN and select an OpenVPN server, which will relocate the user’s connection elsewhere. Each of the foregoing steps require Linux command-line entries, for example, “sudo apt-get install openvpn.”

Follow-up steps require performing DNS leak tests. The process can be complicated through configuration glitches that could cause Terminal failure. In the latter case, the user has to resort to a different VPN with a command like “sudo openvpn vpnbook-ca1-tcp443.ovpn.” Also, the user might be able to troubleshoot the installation through hints in an error message.

2. Subscribe to a VPN service like Surfshark

For Linux users neither adept nor interested in the intricacies of do-it-yourself VPN installation, Surfshark provides a native app for Linux. The VPN app comes with more features and requires less complicated configuration. For example, Surshark offers a command-line app that works on the popular Linux Ubuntu and Debian systems. According to Comparitech.com, the Surfshark VPN app:

• allows the user to select from a list of server locations to mask the user’s IP address
• capitalizes on the VPN’s capability to unblock overseas, geographic restricted services like Netflix, Hulu, Amazon Prime, etc.
• is the only VPN provider that allows an unlimited number of simultaneous connections on the user’s account

Steps to set up VPN for Linux

The first step is to download the Linux VPN client (Surfshark, for example.) Next, perform the simple install and update steps from the Linux command line.

Essentially, the instructions involve downloading and installing the setup package. Next, the user opens the Linux terminal to get the update and installing the VPN. Once the app is installed the program accepts the VPN executor.

In the next step, the user can choose from a variety of VPN server locations. If the VPN is OpenVPN, the user can choose between two protocols, UDP and TCP. UDP has better speeds. When connected the terminal will display the user’s connection status with the new IP that masks the online address of the user.

There are an important series of Terminal commands in Surfshark VPN for Linux. They all begin with “sudo Surfshark-vpn” and include the suffix keywords: help, status, down (for disconnect), attack (for connection to an optimal location), and forget (for logout).

For an illustrated walkthrough of the Surfshark VPN process log on to the Surfshark article “How to set up Surfshark app for Linux.”

Summary and Takeaways

The Linux operating system is an open-sourced, robust operating system. It is more secure than other operating systems by virtual of its vastly lower number of users. However, Linux is not invulnerable. Outdated third-party applications can poke holes in Linux, and user carelessness in password security and sloppy backup can also compromise Linux devices.

Installing VPN on a Linux device can shore up security by providing a secure connection between the user and the internet. VPNs thwart snooping, net censorship, and man-in-the middle attacks. VPNs also bypass net censorship, local entertainment streaming restrictions, and abusive online sales practices.

The Bottom Line

The easiest way to install a VPN on a Linux system is through a VPN provider like Surfshark. Surfshark provides an affordable, and feature-rich VPN for Linux systems that:

• has a variety of server location access
• is especially robust in accessing geo-blocked entertainment streaming services (Netflix, for example)
• allows an unlimited number of connections on devices owned by the subscriber

The post Quick Guide to Setting Up VPN Client on Linux appeared first on WebKu.

What is Bazel?

Bazel is a compilation tool developed by Google’s under its open-source initiative, and Bazel uses distributed caching and incremental build methods to make compilation faster. It natively supports the Java and C++ languages, and currently has open-source related rules for compiling Golang projects.

Install Bazel on CentOS or Redhat for building and testing of software

1. 1. Open Command terminal on CentOS or RHEL. If you are on the CLI server then you already on that, however, for GUI, go to Activities, and from the menu, click on Terminal icon.
   2. Login as Root or standard user with sudo access.
   3. Add Bazel repository on CentOS 8/7. And same for the Redhat.For CentOS 7 or Redhat 7:

      yum config-manager --add-repo https://copr.fedorainfracloud.org/coprs/vbatts/bazel/repo/epel-7/vbatts-bazel-epel-7.repo

      For CentOS 8 Linux or RHEL 8:

      dnf config-manager --add-repo https://copr.fedorainfracloud.org/coprs/vbatts/bazel/repo/epel-8/vbatts-bazel-epel-8.repo

   4. Command to install Bazel on CentOS

      dnf install bazel

      or

      yum install bazel

      Output for the command:

      [root@localhost ~]# dnf install bazel
      Last metadata expiration check: 0:00:57 ago on Sat 05 Oct 2019 09:49:22 AM EDT.
      Dependencies resolved.
      ===============================================================================================================
      Package Arch Version Repository Size
      ===============================================================================================================
      Installing:
      bazel x86_64 0.29.1-0.el8 copr:copr.fedorainfracloud.org:vbatts:bazel 24 M
      Installing dependencies:
      copy-jdk-configs noarch 3.7-1.el8 AppStream 27 k
      java-11-openjdk x86_64 1:11.0.4.11-0.el8_0 AppStream 227 k
      java-11-openjdk-devel x86_64 1:11.0.4.11-0.el8_0 AppStream 3.3 M
      java-11-openjdk-headless x86_64 1:11.0.4.11-0.el8_0 AppStream 39 M
      javapackages-filesystem noarch 5.3.0-1.module_el8.0.0+11+5b8c10bd
      AppStream 30 k
      ttmkfdir x86_64 3.0.9-54.el8 AppStream 62 k
      tzdata-java noarch 2019a-1.el8 AppStream 188 k
      xorg-x11-fonts-Type1 noarch 7.5-19.el8 AppStream 522 k
      lksctp-tools x86_64 1.0.18-3.el8 BaseOS 100 k
      Enabling module streams:
      javapackages-runtime 201801
      
      Transaction Summary
      ===============================================================================================================
      Install 10 Packages
      
      Total download size: 67 M
      Installed size: 205 M
      Is this ok [y/N]:

   5. Accept the Importing of Fedora COPR GPG key. Press Y key to accept it and continue the Bazel installation process.Output:

      warning: /var/cache/dnf/copr:copr.fedorainfracloud.org:vbatts:bazel-df36dce8e0c0e1d6/packages/bazel-0.29.1-0.el8.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID eb2be214: NOKEY
      Copr repo for bazel owned by vbatts 285 B/s | 961 B 00:03
      Importing GPG key 0xEB2BE214:
      Userid : "vbatts_bazel (None) <vbatts#bazel@copr.fedorahosted.org>"
      Fingerprint: 090F 9C8B BDB6 3200 807E 16C2 978A 4B98 EB2B E214
      From : https://copr-be.cloud.fedoraproject.org/results/vbatts/bazel/pubkey.gpg
      Is this ok [y/N]: y
      Key imported successfully
      Running transaction check
      Transaction check succeeded.
      Running transaction test
      Transaction test succeeded.
      Running transaction
      Running scriptlet: copy-jdk-configs-3.7-1.el8.noarch 1/1
      Running scriptlet: java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 1/1
      Preparing : 1/1
      Installing : lksctp-tools-1.0.18-3.el8.x86_64 1/10
      Running scriptlet: lksctp-tools-1.0.18-3.el8.x86_64 1/10
      Installing : tzdata-java-2019a-1.el8.noarch 2/10
      Installing : ttmkfdir-3.0.9-54.el8.x86_64 3/10
      Installing : xorg-x11-fonts-Type1-7.5-19.el8.noarch 4/10
      Running scriptlet: xorg-x11-fonts-Type1-7.5-19.el8.noarch 4/10
      Installing : javapackages-filesystem-5.3.0-1.module_el8.0.0+11+5b8c10bd.noarch 5/10
      Installing : copy-jdk-configs-3.7-1.el8.noarch 6/10
      Installing : java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 7/10
      Running scriptlet: java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 7/10
      Installing : java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 8/10
      Running scriptlet: java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 8/10
      Installing : java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 9/10
      Running scriptlet: java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 9/10
      Installing : bazel-0.29.1-0.el8.x86_64 10/10
      Running scriptlet: copy-jdk-configs-3.7-1.el8.noarch 10/10
      Running scriptlet: java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 10/10
      Running scriptlet: java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 10/10
      Running scriptlet: bazel-0.29.1-0.el8.x86_64 10/10
      Verifying : copy-jdk-configs-3.7-1.el8.noarch 1/10
      Verifying : java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 2/10
      Verifying : java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 3/10
      Verifying : java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 4/10
      Verifying : javapackages-filesystem-5.3.0-1.module_el8.0.0+11+5b8c10bd.noarch 5/10
      Verifying : ttmkfdir-3.0.9-54.el8.x86_64 6/10
      Verifying : tzdata-java-2019a-1.el8.noarch 7/10
      Verifying : xorg-x11-fonts-Type1-7.5-19.el8.noarch 8/10
      Verifying : lksctp-tools-1.0.18-3.el8.x86_64 9/10
      Verifying : bazel-0.29.1-0.el8.x86_64 10/10
      
      Installed:
      bazel-0.29.1-0.el8.x86_64
      copy-jdk-configs-3.7-1.el8.noarch
      java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64
      java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64
      java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64
      javapackages-filesystem-5.3.0-1.module_el8.0.0+11+5b8c10bd.noarch
      ttmkfdir-3.0.9-54.el8.x86_64
      tzdata-java-2019a-1.el8.noarch
      xorg-x11-fonts-Type1-7.5-19.el8.noarch
      lksctp-tools-1.0.18-3.el8.x86_64
      
      Complete!

   6. Check Bazel installed Version

      bazel --version

      OutPut

      bazel 0.29.1

   7. The installation is successful. To start building some basic project, you can see the official tutorial page.

What is special about Bazel?

Bazel is a software development model designed to work with Google.

Has the following characteristics:

Multi-language support: Bazel supports Java, Objective-C and C++, and can be extended to support any programming language.

High-level build language: Engineering is described by the BUILD language. The BUILD language describes a project consisting of multiple small interrelated libraries, binaries, and test programs in a concise text format. In contrast, tools like Make need to describe individual files and compiled commands.

Multi-platform support: The same set of tools and the same BUILD file can be used to build software for different architectures and platforms. At Google, we use Bazel to build server-side programs that run on our data centre systems and client applications that run on mobile phones.

Reproducibility: In a BUILD file, each library, test program, and binary must explicitly and explicitly specify direct dependencies. When the source code file is modified, Bazel uses this dependency information to know which ones must be rebuilt and which tasks can be executed in parallel. This means that all builds are incremental and can produce the same results each time.

Scalability: Bazel can handle huge builds; at Google, a server-side program with more than 100k of source code is a common thing. If no files are changed, the build process takes about 200ms.

Why should I use Bazel?

Bazel can double the build speed because it only recompiles files that need to be recompiled. Similarly, it skips tests that have not been changed.

It produces a determined result. This eliminates the difference in build results between incremental and clean builds, development machines, and continuous integration.

Bazel can use the same tools under the same project to build different client and server applications. For example, you can modify a client/server protocol in a commit and then test that the updated mobile and server-side programs work properly, using the same tools when building, using the Bazel mentioned above. characteristic.

The post How to install Bazel on CentOS 8 Linux or Redhat 8/7 appeared first on WebKu.