Table of Contents

• Calendar of Events
• Next General Meeting -- May 12
  • Tutorial: File Permissions
          by Craig Buchek
  • Presentation: Security Appliances
          by Clarence Johnson
  • Book Specials
• Next Linux Meeting -- May 20
  • Presentation: Linux Tricks and Tips
          by LUG Members
• Meeting Locations
• Articles
  • ITEC
  • SuSE Enterprise Server
  • Installing Nessus
• Sponsors
• Special Interest Groups (SIGs)
• Volunteering
• Contacts
• Submitting Articles

Calendar of Events

NOTE: More information on these groups, including locations and web sites, can be found in the "Meeting Locations" section below.

Next General Meeting is Wednesday, May 12

Tutorial

Abstract:

This month's tutorial will cover file permissions:

• The file protection bits.
• Setting file protections with chmod.
• Octal representation of protection bits.
• SetUID, SetGID, and the sticky bit.

Bio:

Craig Buchek is our current SLUUG president. He has been using Linux since 1994. He has used various flavors of Linux and UNIX in several positions, including firewall administration, network administration, and writing training materials.

Presentation

Abstract:

Learn the difference between equipment to handle different levels of security including hubs, bridges, switches, routers, firewalls, intrusion detection systems, NAT, and lots of other magical security potions.

Bio:

Clarence Johnson has more than 15 years' experience as a computer/network engineer. He has experience with operating systems, programming, network devices, and networking protocols. Currently Clarence designs and teaches technical courses at the UM-St. Louis Microcomputer Program. Clarence also serves on the SLUUG board of directors.

Ideas, questions and suggestions are welcome; please contact Craig Buchek (presentations@sluug.org).

Book Sales

Books that are not available at the meetings may be ordered to be picked up at the next SLUUG general meeting. Contact Carl Fitch (booksales@sluug.org).

May Special:

Next St. Louis LUG Meeting Is May 20

Abstract:

This month we will share random Linux tricks and tips.

Please come prepared with a couple of your favorite tips. What are your favorite options for programs such as ls, less, and vi? What environment variables do you set in your .profile? What secret settings have you found in Mozilla or GNOME gconf? What web sites have good info on using Linux? What settings can't you live without? How do you customize Linux when you build a new system?

Bio:

STLLUG members are a varied bunch. We range from those just exploring the possibilities that Open Source offers, to hard-core Linux experts.

Comments, questions, and ideas for the St. Louis Linux Users Group are welcome; please send email to Tony Zafiropoulos linux@sluug.org.

Meeting Locations

Meets the 2nd Wednesday of the month, 6:30pm to 9:00pm. Free and open to the public.

Graybar Electric Co, Inc.
11885 Lackland Rd.
St. Louis, MO 63146

Directions: Take I-270 to Page east. Take first exit (Concourse). Turn right at stop light (Lackland). Turn right at stop light into Graybar parking lot. Enter building at main entrance and sign in with security guard. Proceed down 1 level to lake level and cafateria training room.

Map:   http://www.mapquest.com/maps/map.adp?address=11885+Lackland&zipcode=63146

SLUUG - St. Louis UNIX Users Group (http://www.sluug.org)
Steering Committee

Meets the 1st Wednesday of the month, 6:30pm to 8:30pm. Open to the public. This is where we make decisions on what topics to cover and other administration of the group. If you want to get involved, this is a good place to start. We now meet at:

Omnitec
#60 Ladue Estates (around back)
Ladue, MO 63141
314-997-4600

St. Louis Linux Users Group (STLLUG) (http://www.stllinux.org)

Meets the 3rd Thursday of each month, 7:00pm to 9:00pm. The room is reserved starting at 6:00pm. (Ask a librarian to let you in if it is locked.) Members are encouraged to come early to mingle and/or give informal demos or presentations. Free and open to the public. (Formerly known as the Linux SIG.)

Indian Trails Library
8400 Delport Drive (at Midland)
St. Louis, MO 63114

Directions:   Take I-170 to Page east. Turn left at North-South. Turn left at Midland. Drive 2 blocks and turn left on Delport. The library is on your left.

Map:   http://www.stllinux.org/directions/

St. Charles LUG (http://www.sluug.org/~stclug)

Meetings are held from 6:30pm to 9:00pm on the 4th Thursday of each month, except November and December, which will be on the 4th Monday.
This is a SIG of SLUUG, intended for all Linux users in the Western and Northern parts of the greater metro area.

JJ's restaurant
200 Fort Zumwalt Square
O'Fallon, MO 63366

Directions:   I-70 to O'Fallon MO exit 217. South on Route K to Veterans Memorial Parkway (first light at top of hill). Turn right (west) and continue past the Woodlawn light about 300 feet. JJ's is on the left.

Map:   http://www.sluug.org/~cfit/stclug/Map_to%20JJ's.png

Hazelwood LUG (http://www.sluug.org/~hzlug)

Generally meets the 4th Tuesday of each month, 6:30pm to 9:00pm. Free and open to the public. This is a SIG of SLUUG, intended for Linux newbies.

Prairie Commons Library
915 Utz Lane (between Howdershell and Dunn)
Hazelwood, MO 63042

Map:   http://www.slcl.lib.mo.us/sysinfo/pc.html

WARNING: These articles may express personal opinions and SLUUG exerts no more editorial control over such content than does a public library. Any opinions, advice, statements, services, offers, or other information or content expressed herein are those of the respective authors and not necessarily supported by SLUUG. SLUUG does not guarantee the accuracy, completeness, or usefulness of any content, nor its fitness for any particular purpose.

ITEC

ITEC is this week: Wednesday May 12 and Thursday May 13. ITEC is a traveling IT Expo and Conference that comes to St. Louis once a year. Companies come to show off their latest products and services. The show is held at America's Center downtown. It opens at 10 am, and closes at 4 pm on Wednesday and 3 pm on Thursday.

Please sign up at the ITEC web site (http://goitec.com/live/15/events/15STL04/) for free tickets before going down to the show. Use SLUUG's code: LUUGTX.

SLUUG will be hosting a booth again this year. We're at booth #110, to the left as you enter. In addition to providing information (and advocacy) about UNIX, Linux, and Open Source, we will be selling our line of O'Reilly books. Discounts will be based on quantity of books purchased, ranging from 15% to 25%.

We're still looking for volunteers to help man the booth, and move gear in and out Tuesday afternoon and Thursday evening. If you can help, please contact Carl Fitch (cfit@sluug.org) ASAP.

SuSE Enterprise Server

Bill Sears of Novell spoke at last month's STLLUG meeting. He showed the full line of SuSE Linux products. Bill wrote in to report that SuSE Linux Enterprise Server 8 is now available for customer evaluation at the Novell Download Site: http://download.novell.com/.

No updates are currently offered, but customers who download now will be emailed to receive a 30-day evaluation of Red Carpet Daemon with updates for SLES 8 within the next two weeks.

Installing Nessus

[Editor's note: This is an abbreviated version of Lew's article. Lew's directions are for SuSE 9.0 Pro with KDE 3.1, but the general principals should pertain to any version of Linux, BSD, or UNIX.]

This is a simple how-to guide for installing the Nessus vulnerability scanner, server daemon, and client on SuSE Linux. The instructions do not include in depth explanations; it is assumed that you are familiar with features and benefits of Nessus and have a general working knowledge of Linux.

The installation process should be conducted using the "root" account. It is strongly suggested that your install take place on a safe non-routable network that does not have hostile traffic. Otherwise your system might be vulnerable and could easily become infected with a virus, worm, bomb, or hacked.

Nessus Application Requirements

Before installing Nessus, you will need to install all the required dependencies. On SuSE, you can do this via the YaST2 Software Install/Remove module in the Control Panel. Install the following packages:

• Bison, Flex
• Gcc, Gcc-c++
• GTK2, GTK2-devel, GTK-devel
• kdepim3-time-management package
• libnet
• Make
• OpenSSL , OpenSSL-devel
• Perl
• sharutils
• xfree86, xfree86-compat-libs, xfree86-devel

Then run YaST Online Update to patch all installed programs.

Download Nessus

• Click "Local Network"
• Change location to "/" <enter>
• Right click and Create New directory titled "nessus-installer", close window
• Using browser go to http://www.nessus.org/nessus_2_0.html
• From "The easy and less dangerous way" section download "nessus-installer.sh" file saving to the "nessus-installer" directory.

Compile Nessus

• Click "Konsole" on task bar and change directories to "nessus-installer"
• Type "sh nessus-installer.sh" <enter>
• Accept defaults by pressing <enter>
  (During the compiling process you may receive warning messages for "nessus_popen", "insert_nasl_func", and "extra tokens". These are warning messages and the compiling process should complete successfully.)
• When compiling process is complete you will be prompted to press <enter> to quit.

Nessus Server Setup

• Type "nessus-mkcert" to make a server certificate
  • Accept default for "CA certificate life" <enter>
  • Accept default for "Server certificate life" <enter>
  • Enter your 2 letter country code <enter>
  • Enter your state or province code <enter>
  • Enter your location <enter>
  • Enter your organization name <enter>
  • Certificate process completed message <enter to exit>
• Type "nessus-adduser" to create a user account
  • Enter login name <enter>
  • Accept default for authentication <enter>
  • Enter password <enter>
  • Press ctrl-D to end user creation process
  • "Is that ok?" message <enter>
• Type "nessusd -D" to start the Nessus server service
  (It may take several seconds for Nessus to finish initializing. The command prompt will return once the Nessus daemon is started).

If you wish to have the Nessus Server daemon automatically started when the system is booted, edit the "/etc/init.d/boot.local" file and append "nessusd -D".

Nessus Setup

• Type "nessus"
• Enter login
• Enter password
• Click "Log in" button
• "SSL Setup" window will appear, click <ok>
• "Nessus" windows asking to accept this certificate, click <yes>
• "Warning" message about plugins crashing remote systems will appear, click <ok>
• Close "Konsole" window

It is recommended that you run nessus-update-plugins periodically to update Nessus.

Firewall

SuSE provides built-in firewall protection. Vulnerability scanners such as Nessus do not normally function well with software firewalls in place. To remove the firewall:

• Click "Control Center" on task bar
• Click "YaST2 modules"
• Click "Security and Users"
• Click "Firewall"
• Check "Stop Firewall and Remove from Boot Process" <next>
• "Firewall configuration - deactivate firewall", click <next>
• "The firewall is now turned off" <ok>

General Information

Uninstall executable: /usr/local/sbin/uninstall-nessus
Configuration file: /usr/local/etc/nessus/nessusd.conf
Certificate Authority: /usr/local/com/nessus/CA/cacert.pem
Certificate Authority - Private: /usr/local/var/nessus/CA/cakey.pem
Nessus Server Certificate file: /usr/local/com/nessus/CA/servercert.pem
Nessus Server - Private Key file: /usr/local/var/nessus/CA/serverkey.pem
Nessus uses port 1241 to communicate

You now have a fully functioning Nessus server daemon and client installed. Nessus is now fully operational to help with your security needs.

About the Author

Lew Newlin (LNewlin@SiteRecon.com) is CTO of Information Solutions, Inc., which operates SiteRecon.com. SiteRecon specializes in security, email monitoring, and web site monitoring for Internet service providers and businesses.

Sponsors

• Accenture (formerly Andersen Consulting) - http://www.accenture.com
• Ajilon - http://www.ajilon.com
• Analysts International - http://www.analysts.com
• Bradford & Galt - http://www.bradfordandgalt.com
• CIBER, Inc. - http://www.ciber.com
• Cybercon - http://www.cybercon.com
• Cypress Systems, Ltd. - http://www.cypress-systems.com
• Daugherty Systems - http://www.daugherty.com
• Graybar Electric - http://www.graybar.com
• IBM - http://www.ibm.com
• Informix Corporation - http://www.informix.com
• K&S Pritchard Enterprises, Inc. - http://www.kspei.com
• Maryville Data Systems, Inc. - http://www.maryville.com
• Maverick Tube Corporation - http://www.maverick-tube.com
• O'Reilly & Associates - http://www.ora.com
• Renaissance Worldwide, Inc. - http://www.rens.com
• Sun Microsystems - http://www.sun.com
• Stopka & Associates - http://www.stopka.com
• Sunnen Products - http://www.sunnen.com
• Sykes Enterprises, Inc. - http://www.sykes.com
• Technisource Inc. - http://www.tsrc.net
• Triple-I Corporation - http://www.triplei.com
• Venmar Systems, Inc. - http://www.venmar.com
• The Law Offices of Rich McLennan - mclennan@sluug.org

For more information about sponsoring the St. Louis UNIX Users Group, contact Clarence Johnson (sponsorship@sluug.org).

Special Interest Groups (SIGs)

Volunteering

Contacts

Submitting Articles to the SLUUG Cronicle