Monday, July 30, 2012

25+ Awesome Linux/Unix command chaining examples

http://www.linuxnix.com/2012/07/23-awesome-less-known-linuxunix-command-chaining-examples.html


Command chaining is a concept to execute two or more commands in one shot to increase ..
  1. productivity
  2. Reduce system resource usage(In some cases )
  3. Short and sweet codes :) .
In this post we will see how to use different command chaining operators available for us in an easy way.

Command chaining operators

& –Sends process background(run in background parallelly )
; –Run multiple commands in one run, sequentially.
\ –To combine a big command for multiple lines
&& –Logical AND operator
|| –Logical OR operator
! -NOT operator(I did not find much info on this.0)
| — PIPE operator
{} –Command combination operator.
() –Precedence operator

& – Runs a command in background(AND operator)

This operator is used to send a process/script/command to run background so that we can execute other commands in foreground to increase effective utilization of system resources and to speed up the script execution. This is also called as Child process creation or forking in other programming languages.
Example1: Run commands in background
$ping -c1 google.com &
Example2: Run more commands in background in single line
$ping -c1 google.com & scp root@1.1.1.10:/opt/* /opt &
Above commands are run in background parallelly independent of other commands. Like this we can run many such commands parallel.

; – semicolon operator

This operator Run multiple commands in one go but in a sequential order. So second command will run after first command completion, third command will run only after second command run.
Example3: Execute ls, pwd, whoami commands in one command
ls;pwd;whoami
Note1: The number of commands you can run is infinity. By default there is no limit on how many commands you can run with ; operator. We have checked this with 500 commands executed in one line. The limit depends only on memory or ulimits settings.
Exampl4: Run a bash shell script IF statement in one command
if [ $? -eq 0 ]; then echo “sucess”; else echo “fail”; fi
Example5: Run online FOR loop
for i in `ls -1`;do echo “file is $i”;done
Example6: Run online while loop
while [ $VAR1 -eq 10 ]; do echo “Var value is $VAR1”; done
Example7: Run online until loop
until [ $VAR1 -eq 10 ]; do echo “Var value is $VAR1”; done
This is a kind of shell scripting at terminal or one liner shell scripting or temporary shell scripting. This will help you not to create a file for your small and dirty scripts. Just execute your script directly at terminal.

\ – Concatenation operator

This operator is used to execute a command which is too big and spread on multiple lines. This operator helps to spread this command to do multi line execution.
Example8: Try to copy a file /var/ftp/pub/webadmin/debina/read from sysloggerserver1.linuxnix.com to /opt/oradba/debadmin/logic/abc folder on sysloggerserver2.persistentsystems.co.in and I am at surendrahome.beamtele.com.
ssh abc@sysloggerserver1.linuxnix.com:\
/var/ftp/pub/webadmin/debian/read \
abc@sysloggerserver2.persistent.co.in\
:/opt/oradba/debadmin/logic/abc/
Actually this a big command but I divided this to multiple lines to make it look good and understandable by using \.

&& –Logical AND operator

This operator lets you execute second command, if the first command runs successfully i.e exit status is zero. This is very much useful to check the success status of first command. For example I want to connect to abc.com before connecting I want to check if that machine is pingable or not.
Example9: Connect to a machine only if its able to ping other wise dont execute connect command
ping -c1 abc.com && ssh abc@abc.com
Example10: Assign a value to variable if it’s not set
[ -z $VAR1 ] && VAR1=10
Example11: Check if a folder exists or not. If it’s not present, create it.
[ ! -d /var/temp ] && mkdir /var/temp
Example12: Create folder, if the folder creation is successful then only change the directory.
mkdir abc && cd abc
Example13: Change to a folder, if this is success then list the content.
cd /var/ftp && ls
Like this you can use your imagination to use this operator effectively to save some time.

|| –Logical OR operator

This operator lets you execute second command, if the first command fails i.e exit status is greater than zero of first command. This is very much useful to check the failed status of first command. For example I want to create a folder, but before that I want to check if folder exits or not. If it’s not exists then create it.
Example 14: Create a folder if the folder does not exits.
[ -d /var/temp ] || mkdir /var/temp
Example15: Ping to a machine and let users know if it’s not reachable in a meaning full way.
ping -c1 google.com &> /dev/null || echo “There is some problem with network, please connect your network admin”

&& and || operators combination

We can use && and || to simulate if-else statement with in one line. If the first command executed successfully we can execute second command otherwise we will execute third command.
Example16: ping google.com, and display useful information to user if its pingable or not.
ping -c1 google.com && echo “Thats good, able to ping google.com” || echo “Thats bad unable to ping google.com”
Example17: Check if a file exists or not. If its exists inform user it exists otherwise create it.
[ -f /var/abc.txt ] && echo “file exists” || touch /var/abc.txt
Example18: Check if my previous command executed successfully or not
pwd
/home/surendra
[ $? -eq 0 ] && echo “Yes, pwd command successfully executed” || echo “pwd command failed”

! -NOT operator(Negation operator)

Update:A follower(Flatcap) of this blog suggested below examples for this operator. This operator is very much handy when you want to delete or move all the files expect .txt files we can use this operator.
Example18: Remove all the files which are not a .doc file.
ls | grep -v doc | xargs rm -rf
or
rm -rf *.{xls, txt, pdf}
The above rm command have some disadvantage, if we have more number of file extension we have to enter all of them. And the first command we are using total 4 commands to accomplish our task. so At this point we better use ! operator for removing all the files expect .doc files as shown below.
rm !(*.doc)
Example19: Move all the files expect .doc files to /opt
mv !(*.doc) /opt/
Example20: Copy all the files expect pdf files to /opt/all
cp !(*.pdf) /opt/all

| — PIPE operator

This is well-known to many people, this operator is used to send output of first command as an input to second command.
Example21: Count no of files/folder located in a folder
ls -l | wc -l
Example22: Display all the partition names in the system.
df -h | awk ‘{print $1}’

{ } –Command combination operator

This operator used to combine two or more commands to be executed depending on the previous command. This can be explained with an example
Suppose I want to check if a file exists or not. If it does not exists We have to display error and then we have to create it. Lets do that without this {} operator
Example23: Check if /opt/abc.txt exists or not?
[ -f /opt/abc.txt ] || echo “The file does not exists”; touch /opt/abc.txt
touch command in the above command never depends on first command exit status. In order to make it depend on first command we have to use { } braces as shown below.
[ -f /opt/abc.txt ] || { echo “The file does not exists”; touch /opt/abc.txt; }
Note: Make sure that you given ; operator at the end of last command as shown in above example. This is mandatory and without it you may get error.
Example24: Ping to a machine, if able to ping display some useful info then try to connect to it using ssh.
ping -c www.linuxnix.com && {echo “That is pingable, too good..!”; ssh root@www.linuxnix.com;}

() –Precedence operator

This operator used to execute command in precedence order which command to execute first. For example see below example
command1 && command2 || command3 && command4
If you see command2 executes if the command1 executed successfully. But once command2 executed remaining commands command3 and command4 are not going to execute. In order to eliminate this we have to use precedence operator. So below command sequence command3 and command4 will be executed if command1 or command2 failed.
Example25:
( caommand1 && command2 ) || ( command3 && command4 )
In this way we can save some valuable time. Please comment your thoughts on this.

Black Hat hacker gains access to 4 million hotel rooms with Arduino microcontroller

http://www.extremetech.com/computing/133448-black-hat-hacker-gains-access-to-4-million-hotel-rooms-with-arduino-microcontroller


Bad news: With less than $50 of off-the-shelf hardware and a little bit of programming, it’s possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.
This hack was demonstrated by Cody Brocious, a Mozilla software developer, at the Black Hat security conference in Las Vegas. At risk are four million hotel rooms secured by Onity programmable key card locks. According to Brocious, who should be scolded for not disclosing the hack to Onity before going public, there is no easy fix: There isn’t a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed.
The hack in its entirety is detailed on Brocious’s website, but in short: At the base of every Onity lock is a small barrel-type DC power socket (just like on your old-school Nokia phone). This socket is used to charge up the lock’s battery, and to program the lock with a the hotel’s “sitecode” — a 32-bit key that identifies the hotel. By plugging an Arduino microcontroller into the DC socket, Brocious found that he could simply read this 32-bit key out of the lock’s memory. No authentication is required — and the key is stored in the same memory location on every Onity lock.
ArduinoThe best bit: By playing this 32-bit code back to the lock… it opens. According to Brocious, it takes just 200 milliseconds to read the sitecode and open the lock. “I plug it in, power it up, and the lock opens,” Brocious says. His current implementation doesn’t work with every lock, and he doesn’t intend to take his work any further, but his slides and research paper make it very clear that Onity locks, rather ironically, lack even the most basic security.
I wish I could say that Brocious spent months on this hack, painstakingly reverse-engineering the Onity lock protocol, but the truth is far more depressing. “With how stupidly simple this is, it wouldn’t surprise me if a thousand other people have found this same vulnerability and sold it to other governments,” says Brocious, in an interview with Forbes. “An intern at the NSA could find this in five minutes.”
That is how he justifies his public disclosure of the vulnerability: If security agencies and private militias already have access to millions of hotel rooms, then this is Brocious’s way of forcing Onity to clean up its act. By informing the public, it also means that we can seek out other methods of securing our rooms — such as chain- or dead-locks on the inside of the room.
As for how Onity justifies such a stupendously disgusting lack of security, who knows. Generally, as far as managerial types go, securing a system seems like a frivolous expense — until someone hacks you. In non-high-tech circles, hacks like this are par for the course — usually, a company doesn’t hire a security specialist until after its first high-profile hack. For a company that is tasked with securing millions of humans every night, though, it would’ve been nice if Onity had shown slightly more foresight.
Read more about last year’s Black Hat hacks: Opening car doors via SMS and hacking wireless insulin pumps

Thursday, July 26, 2012

Tips and Tricks to Optimize MySQL

http://www.openlogic.com/wazi/bid/195905/Tips-and-Tricks-to-Optimize-MySQL


Databases tend to grow over time as they store more and more information. To ensure your database information can be accessed in the shortest time possible, you need to learn a few tricks to speed up data retrieval. For MySQL databases, you can use indexes and partitions to limit the amount of data that MySQL has to traverse to fetch query results, and use some other optimization tricks to further improve performance.
For a specific type of frequently accessed data, creating an index is the best way to speed things up. For example, if you have a table with 20 columns, of which one column is frequently accessed, you can create an index for that column to speed up lookups on it. If there are no indexes, MySQL performs a full table scan to retrieve data. It examines all the records in the table, one after another, until either the last record is read or the query is satisfied. With an index, however, MySQL can look up data without having to read each record of the table. As soon as a match is found in the index, you're pointed to the data in the actual table. Think of it like an index in a book. When looking for a particular topic, you can either flip through the pages until you reach the end of the book or find what you're looking for, or you can visit the index to reveal the page number for the topic you're interested in.
When you create an index for a field, MySQL collects all the information in that particular column, sorts it, and then stores it in a unique object or file, separate from the table, along with references to the original table with the unsorted data.
Maintaining indexes does require additional resources. If you create an index for a table that is frequently updated, all the DELETE, INSERT, and UPDATE statements must also update the index, in addition to the data table itself. Frequent alterations on indexes place an additional load on the server and may slow down other important processes, so you shouldn't create indexes for all fields, but only for ones that are often queried for information, and where the table is large enough (with several thousands of rows or more) to necessitate faster retrieval.
The way the indexing works also depends on the type of storage engine you use to create the tables for your MySQL database. Up until version 5.5, MyISAM was the default storage engine, but InnoDB has taken its place as the default as of MySQL 5.5 – though you can define the default storage engine in the my.cnf file or manually specify the engine to use when creating tables.
On top of this, there are several different types of indexes that you can use, such as B-Tree or Hash. Your choice of index depends on the storage engine you use.

Using Indexes

You can create an index for a table while creating the table itself, or create an index for existing tables. The following code creates a new table with an index on one of the columns:
CREATE TABLE records (
     name VARCHAR(50), 
     age INT,
     id_num INT, INDEX (id)
        		
)
This creates an index named id for the id_num column on the table. For an existing table, the command would be CREATE INDEX id ON records(id_num).
To simultaneously create an index on multiple columns for an existing table, use a command like ALTER TABLE records ADD INDEX id(id_num), ADD INDEX name(name);.
As MySQL is unaware of the exact nature of data stored in a field, other than the data type (whether CHAR or INT), it will create an index using the full length of the data. So, if you have a table of songs, for instance, and you create an index on the 50-character name field, MySQL will store the entire length of the name for every song in the database. In a case like this, it might be wiser to store only the first 20 characters in the index, instead of the full length; that should give you enough characters to help you distinguish between songs. For large databases with very long columns, it would be a waste of space to store the entire name in the index.
You can restrict the length of the data to 20 characters by specifying it along with the name of the column, like so:
ALTER TABLE records ADD INDEX id(id_num), ADD INDEX name(name(20));
An improperly configured index can slow down a server by hoarding its resources, so you need to have a firm grasp of the underlying technology, particularly if you're using the InnoDB storage engine. Take some time to familiarize yourself with the intricacies of InnoDB and how it works with primary key and secondary key indexes.

Partition MySQL Tables

The second trick, using partitions, is ideal for very large tables with several hundred thousand rows or more. While you can also partition tables with only several thousand rows, you will notice a remarkable difference in lookup times for the larger tables.
You can divide either a table's rows (called horizontal partitioning) or columns (vertical partitioning) into partitions. When you do so, instead of traversing the entire table, MySQL queries only the relevant partition, which greatly reduces the lookup times.
A partition can have any number of rows or columns, but you should try to keep partitions relatively small compared to the size of the table if you want to see performance gains. Each table can be divided into 1,024 partitions at most.
Before you try to partition a table, first check whether your version of MySQL was built with partitioning support. When compiling MySQL from source, you need to use the -DWITH_PARTITION_STORAGE_ENGINE option to build partitioning support; the MySQL software package distributed in the repositories of most distributions comes with the partitions option built-in. To check, run SHOW PLUGINS; at the MySQL prompt, which will print a tabular list of all plugins and their status. Make sure that partition is listed as one of the plugins; if it isn't, you can't use the partitioning feature of MySQL.
You can create partitions when creating a table, or alter an existing table to partition its data set. You can create various types of partitions, such as RANGE, LIST, and HASH. The most commonly used is Range, where each partition is defined to accept a specific range of values for some column. What partition suits your table best will depend on the type of data stored in the table.
You must use the PARTITION BY keyword to define how the partitions are to be effected. So, to create a partition based on a range of data such as year, use the PARTITION BY RANGE(YEAR(order_date)) clause, like so:
CREATE TABLE employees ( 
order_date DATETIME NOT NULL, 
-- Other columns omitted 
) PARTITION BY RANGE(YEAR(order_date)) ( 
PARTITION p_2009 VALUES LESS THAN (2009), 
PARTITION p_2010 VALUES LESS THAN (2010), 
PARTITION p_all VALUES LESS THAN MAXVALUE ); 
This command will create three partitions on the table employees, one for each of the specified years. Here, the first partition holds data for all years up to 2009, while the last partition, p_all, holds all the records that are left over after the other records are partitioned. The data is partitioned as soon as it matches a partitioning criterion, so no two partitions can have the same data.
When querying data from a partitioned table, you don't need to specify the partition; the query remains the same whether or not you use partitions. MySQL will automatically deduce which partition to retrieve the information from.
As with indexes, there's a small performance penalty with partitioning. When you insert new rows into a partitioned table, MySQL has to determine which partition the new data should go into, and this requires resources. While this additional drain on resources isn't necessarily crippling, you have to take it into account when creating partitions. Depending on the size of the table, it might be wise to use dozens of partitions, but once you start reaching into the hundreds, take due care that using partitions itself doesn't affect performance.

Identify Slow Queries

One of the best thing about MySQL is that it can help you identify the queries that take up the most resources via its slow-query-log.
MySQL doesn't record slow queries by default; running mysqladmin var | grep log_slow_queries in the terminal will confirm this for you. To enable the option, edit the my.cnf configuration file and add these lines under the [mysqld] block:
long_query_time = 1
log-slow-queries = /var/log/mysql/mysql-slow-query.log
The default long_query_time is 0, but we've set it to 1 here to make MySQL log all queries that take longer than 1 second to execute. Feel free to change this value, as well as the location for the log file. When you're done, you need to restart the MySQL server with the command /etc/init.d/mysql restart for the changes in the my.cnf file to take effect.
You can then use the mysqldumpslow command-line tool, included with MySQL, to get a summary of the slow-query-log file. If you see a list of queries that are taking too much time to execute, you can try to find out why.
Explain is one of the most widely used MySQL query analysis tool available. When used with a SELECT statement, it reveals a wide array of information, such as the number of tables involved in the statement, how the data is looked up, if there are any subqueries, whether any indexes are used, and much more. You can run Explain on each of of the slow queries to determine why the statements are slow. Once you know the causes, you should be able to figure out how to fix the problems.

Fix That Configuration File

One final tip: MySQL Tuner is a Perl script that you can run to test your MySQL performance. Based on the results, and other observations, the script will then advise what changes you can make in the configuration file to improve performance.
At the terminal, type wget http://mysqltuner.com/mysqltuner.pl to download the script. Make the script executable with the command chmod +x mysqltuner.pl. Run it by typing ./mysqltuner.pl; you will be prompted for your MySQL root password.
The output from the script is divided into sections. The General and Storage Engine Statistics at the top tells you the number of tables in each of the different storage engines. Performance Metrics lists parameters the script checks the system for, such as slow queries, memory usage, and temporary tables. Finally, the Recommendations section lists all the variables that you need to adjust in the configuration files.
By using some of these performance and optimization tricks, you ought to be able to speed up MySQL. For best results, read the documentation carefully before implementing any of these techniques.

Wednesday, July 25, 2012

100 "Funnest" Open Source Games and Apps

http://www.datamation.com/open-source/100-funnest-open-source-games-and-apps-1.html


It's become something of a summer tradition here at Datamation to take a break from featuring open source apps for businesses and concentrate on open source apps that are just plain fun. This year, we've updated and expanded our list of the open source movement's "funnest" apps with 100 titles in all. We've added two entirely new categories: board games and sports games, and we found plenty of good games that we had overlooked on previous versions of this list.
As you read through, you'll probably notice that many of the titles are remakes or are designed "in the tradition of" older games, many of them from the 90s, 80s, or even earlier. It seems open source developers often miss the games they played in their youth and update them for the new generation of players.
You also might notice that a small but growing number of these games are available for mobile platforms, particularly Android. Given the growing popularity of smartphones, that trend shouldn't be a surprise, and it seems likely to continue.
With no further ado, here's the 2012 edition of the "funnest" open source apps. As always, please use the comments section below to let us know about any worthy apps we might have overlooked.
(P.S. For the grammar nazis out there, we know that "funnest" isn't a word--that's why it's in quotes.)

Arcade Games

1. BZFlag
Also known as "Battle Zone Capture the Flag," BZFlag is based on one of the most popular games ever created for Silicon Graphics machines. With nearly 200 servers available, it's fairly easy to find a group to play this multi-player 3D tank game. Operating System: Windows, Linux, OS X.
2. The Legend of Edgar
On a dark and stormy night, Edgar's father fails to return home, leading Edgar to believe he has been captured by an evil sorcerer. In this 2D game, players help Edgar overcome obstacles, solve puzzles, defeat enemies and find his father. Operating System: Windows, Linux, OS X.
3. Powermanga
Similar to the old arcade game Galaga, Powermanga is a 2D space shooter with 41 levels to play. It's good for hours of shoot 'em up fun. Operating System: Linux.
4. Rocks'N'Diamonds
A definite oldie, Rocks'N'Diamonds is a multiplayer arcade game "in the tradition of" Boulder Dash, Emerald Mine, Supaplex and Sokoban. Thanks to an active user community, tens of thousands of levels are available. Operating System: Windows, Linux, OS X.
5. SuperTux
SuperTux is a classic 2D, side-scrolling jump-and-run game featuring Tux the Linux penguin. It offers 26 different levels where you can take on nine different enemies. Operating System: Windows, Linux, OS X.
6. Secret Maryo Chronicles
This game resurrects the 2D look of the old Mario Bros. games. Thanks to low system requirements, it runs on older PCs just fine, and it includes a level editor so you can make up your own levels. Operating System: Windows, Linux, OS X.
7. Scorched3D
A modernized version of Scorched Earth, this turn-based artillery game offers excellent 3D graphics and easy-to-learn gameplay. Play online with up to 24 players at once and/or take on computer-generated opponents. Operating System: Windows, Linux, OS X.
8. Smash Battle
Based on the Mario Battle from Super Mario Bros. 3, Smash Battle is a newer game with old school 2D graphics. Fight against up to three other opponents in multi-player mode. Operating System: Windows, Linux.
9. Teeworlds
This side-scrolling 2D game features cartoonish graphics combined with multi-player shooting action. It supports up to 16 players at once in multiple game styles, including team deathmatch and capture the flag. Operating System: Windows, Linux, OS X.
10. WarMUX
Now available for Android through Google Play, WarMUX describes itself as a game of "convivial mass murder" where you attempt to defeat your opponent's team using dynamite, grenades, baseball bats and bazookas. The 2D graphics feature penguins, gnus, firefoxes, and other mascots from well-known open source software. Operating System: Windows, Linux, OS X, Android.
11. XPilot
First developed in 1991, XPilot is a classic space game similar to Asteroids. It's multi-player only, so you'll need to join a game on an existing server or set up a server of your own. Multiple forked versions are also available. Operating System: Windows, Linux, OS X, iOS.
12. XMoto
To complete the various levels on this 2D motocross game, you'll need to collect all the strawberries while overcoming various obstacles and avoiding wreckers. Hundreds of additional user-created levels are available on the site. Operating System: Windows, Linux, OS X.
13. Yo Frankie!
Built with the Blender open source 3D animation tool, Yo Frankie! features some of the best graphics you'll see on any open source game. It features characters from the open source movie Peach who run, jump, climb and glide their way across obstacles in a realistic landscape. Operating System: Windows, Linux, OS X.

Board Games

14. Domination
Domination is a Java-based version of the board game Risk. The developers have recently completed a version for Android that can be downloaded through Google Play. Operating System: Windows, Linux, OS X, Android.
15. The Genius
The Genius is a chess app with a simple interface. Choose among four levels of game play ranging from "I dunno chess" to "Expert." Operating System: Windows.
16. GNU Backgammon
Based on a neural network, this backgammon engine gets better with time. Test yourself against a computer opponent with the skills of a championship flight tournament player or use it to analyze backgammon moves and matches. Operating System: Windows, Linux, OS X.
17. GNU Go
This GNU project allows users to play Go, a 3,000-year-old Asian board game similar to chess. It's a two-player game where players attempt to control the most territory on the board. Operating System: Windows, Linux, OS X.
18. Scrabble
In addition to the classic 15x15 crossword game, this version of Scrabble also lets you play SuperScrabble on a 21x21 word, Scrabble 3D or your own board. Compete against up to three online players at a time. Operating System: Windows, Linux, OS X.
19. Yahtzo!
As you might guess from the name, Yahtzo! is a computerized version of Yahtzee. The interface is fairly bare-bones, but play is just like the classic dice game. Operating System: Windows.

Card Games

20. PokerTH
Downloaded millions of times, this superb Texas Hold 'Em game features above-average graphics and an active community of players. Check out Poker-heroes.com to see the rankings of current players. Operating System: Windows, Linux, OS X, Android.


21. PySolFC
PySolFC collects more than 1,000 solitaire games into a single download. In addition to games featuring the traditional 52-card deck, you'll find games for the 78-card Tarot deck, eight- and ten-suit Ganjifa games, Hanafuda games, Matrix games, Mahjongg games and more. Operating System: Windows, Linux, OS X.
22. XM Solitaire
This collection features 200 different cards games, including popular solitaire options like Freecell, Klondike, Fan, Spider, Pyramid and Gaps. The same site features a number of puzzle games, like Sokoban, Sudoku and others. Operating System: Windows.

Casual and Puzzle Games

23. Enigma
Similar to the classic Oxyd and Rock'n'Roll games for Atari and Amiga, Enigma challenges uses to find pairs of matching Oxyd stones while avoiding traps, overcoming obstacles and solving puzzles. It's been downloaded hundreds of thousands of times and features more than 1,000 levels of gameplay. Operating System: Windows, Linux, OS X.
24. Fish Fillets NG
Free the fish by solving a variety of puzzles. Along the way, the fish make funny comments and the other game denizens fight amongst themselves. Operating System: Windows, Linux, OS X.
26. Frozen Bubble
Known as "the most addictive game ever created," Frozen Bubble is a traditional bubble shooter where you try to make chains containing balls of the same color. It includes 100 levels for single players, or you can challenge your friends in two-player mode or online multi-player mode. Operating System: Windows, Linux.
25. GBrainy
Gbrainy helps keep you in top mental shape with a variety of logic, mental calculation, memory training and verbal analogy activities. It offers a variety of difficulty levels, making it appropriate for players of all ages. Operating System: Windows, Linux.
27. I Have No Tomatoes
How many tomatoes can you smash in ten minutes? Find out with this off-beat and highly unusual puzzle game. Operating System: Windows, Linux.
28. Neverball
To complete the levels of Neverball, you'll need to be able to solve puzzles and to be able to tilt the floor skillfully to move the ball where you want it to go. The download also includes Neverputt, a golf game based on the same engine. Operating System: Windows, Linux, OS X.
29. Pingus
If you've ever played Lemmings, Pingus will feel very familiar. In this version you guide a horde of penguins through various levels by assigning some penguins to dig, bash, climb, etc. Operating System: Windows, Linux, OS X.
30. Pushover
Guide your ant so that it knocks over the dominoes on the screen in the correct order. A remake of an older game, this version of Pushover includes several different levels and 11 different kinds of dominoes. Operating System: Windows.
31. SokoSolve
SokoSolve offers a version of the classic Sokoban game which requires players to push one box at a time to achieve a desired configuration. In addition to the game, the download provides other tools for Sokoban fans, including a solver and a library. Operating System: Windows.

Educational Games

32. ChildsPlay
Designed for children under age six, ChildsPlay includes 14 different simple games. Some teach number and letter recognition, memory skills and keyboarding skills, and some of the games are just for fun. Operating System: Windows, Linux, OS X.
33. GCompris
GCompris collects more than 100 games and activities suitable for ages two to ten. It includes apps for telling time, chess, algebra, geography, sudoku, science and much more. Operating System: Windows, Linux.
34. TuxMath
To succeed at this game, kids must solve math problems in order to prevent Tux the Linux penguin from being hit by meteors. The user can choose the type of math problems and the level of difficulty. Operating System: Windows, Linux, OS X.

First-Person Shooter Games

35. Alien Arena
Alien Arena describes itself as a "furious frag fest" with "immersive arenas, freaky and violent weapons, and a vibrant community." The newest version, released just this month, adds twelve new levels, two new characters and an awesome new weapon, the Minderaser. Operating System: Linux, Windows, OS X.
36. AssaultCube
This realistic first-person shooter runs in single- or multi-player mode and utilizes the same engine as Cube (see below). Thanks to its low latency and lightweight size, it can run on older systems and slow networks, and it offers fast gameplay. Operating System: Linux, Windows, OS X.
37. Cube
Cube boasts excellent graphics and lots of brutal action in the tradition of games like Doom and Quake. Play alone or against up to 12 other players in multi-player mode. Operating System: Windows, Linux, OS X.
38. Nexuiz
One of the most popular open source first-person shooters ever, Nexuiz has been downloaded more than 6 million times. A team is currently working on re-making the game for consoles. Operating System: Windows, Linux, OS X.
39. OpenArena
Designed as a clone of Quake III Arena, Open Arena offers multi-player first-person shooter action and twelve different game types. Due to the nature of some of the content, its developers warn that it is unsuitable for kids under 17. Operating System: Windows, Linux, OS X.
40. Red Eclipse
Just over a year old, this Cube-based shooter includes unique gameplay features like Parkour, impulse boosts and dashing. It also includes an editor so you can build your own levels. Operating System: Windows, Linux, OS X.


41. Tremulous
This award-winning game combines first-person shooter action with elements typically found in a real-time strategy game. Play as either the aliens or the humans, and rack up wins to become more powerful. Operating System: Windows, Linux, OS X, XBox.
42. Warsow
No, that isn't a misspelling of "Warsaw." Warsow is a very fast-paced, cartoonish shooter featuring rocketlauncher-wielding pigs. Unlike most other shooters, Warsow goes easy on the gore, using stars and cubes to stand in for blood and guts. Operating System: Windows, Linux, OS X.

Game Collections

43. GnomeGames
Gnome's collection of casual "five-minute" games includes Chess, Sudoku, Mines, Four-in-a-row and 11 other simple games. The graphics and gameplay are basic but sometimes addictive. Operating System: Linux.
44. KDE Games
The KDE desktop offers a much wider selection of casual games. It includes KBattleship, KMahjong, KBreakout, KSpaceduel, KMines, KSudoku and many more. Operating System: Windows, Linux.

Music Games

45. Frets on Fire
The open source answer to Guitar Hero, Frets on Fire challenges you to play along to your favorite songs using a guitar controller or your keyboard. It supports Guitar Hero songs, or you can import songs submitted by other users or create your own. Operating System: Windows, Linux, OS X.
46. StepMania
Very similar to Dance Dance Revolution, Step Mania tests your ability to keep the beat using dance pads or your keyboard. Songs must be downloaded separately from the game, but the site includes hundreds of free songs. Operating System: Windows, Linux/Unix, OS X, XBox.
47. Ultrastar Deluxe
This karaoke games awards points based on how well you sing, similar to the game SingStar. You can use it with your own music files or you can download more than 10,000 songs available for the app. Operating System: Windows, Linux, OS X.

Racing Games

48. GLtron
As in the movie Tron, competitors in this game ride speeding lightcycles that trail walls behind them. The goal is to trap other players, forcing them to hit the wall, while you remain free. Operating System: Windows, Linux, OS X.
49. Ultimate Stunts
A remake of the DOS game Stunts, Ultimate Stunts takes racing to the next level by adding loops, corkscrews, jumps and more. It also makes it easy to build your own tracks. Note that it's still in the earlier stages of development. Operating System: Windows, Linux, OS X.
50. SuperTuxKart
Tux the Linux penguin races around 3D tracks in this racing game. The latest version adds three new tracks, a battle arena, two new weapons and more. Operating System: Windows, Linux, OS X.
51. TORCS
The Open Race Car Simulator (TORCS) offers realistic racing action that figures in tire and wheel properties, aerodynamics, collisions and more. It includes more than 50 cars, 20 tracks and 50 opponents. Operating System: Windows, Linux, OS X.
52. Tux Racer
Downloaded millions of times, this popular classic Linux game features Tux the penguin sliding downhill. It features 3D landscapes and changing weather conditions with fog, high winds and more. Operating System: Windows, Linux, OS X.
53. Extreme Tux Racer
The classic Tux Racer (above) hasn't been updated in a while, but this version updates the original with better graphics and gameplay. Operating System: Windows, Linux, OS X.
54. VDrift
This racing game was made with drift racing in mind. It features real-world tracks and vehicles and superb graphics. Operating System: Windows, Linux, OS X.

Role-Playing and Adventure Games

55. Crossfire
Explore 3000 maps and battle 150 monsters in this retro arcade adventure game. It includes 15 character types, an elaborate magic system and many, many treasures to find. Operating System: Windows, Linux, OS X.
56. Egoboo
This 3D dungeon-crawler challenges players to save Lord Bishop from the clutches of the evil Dracolich, slaying hordes of monsters along the way. Play with up to four other people as you make your way through 40 different dungeons. Operating System: Windows, Linux, OS X.
57. Excalibur: Morganna's Revenge
In this epic adventure game, you begin as a futuristic soldier on a starship but soon time-travel back to the age of King Arthur, where you must save the world from Morganna. It offers 42 levels of solo play and 27 levels you can play with your friends in network mode. Operating System: Windows, Linux, OS X.
58. Linley's Dungeon Crawl
If you miss some of the really old dungeon crawlers like Rogue, Hack and Moria, this game is for you. The goal is to retrieve the Orb of Zot from deep in a subterranean cavern and return it to the surface. Operating System: Windows, Linux, OS X.
59. PlaneShift
This 3D fantasy role-playing game offers free play with no restrictions. It features six races, six "Ways of Magic," large worlds to explore and plenty of monsters to fight. Operating System: Windows, Linux, OS X.
60. Ryzom
Set 2000 years in the future on the plant Atys, Ryzom depicts a struggle for world domination between the nature forces of Kami and the technological forces of Karavan. Ryzom is a massively multiplayer online role-playing game (MMORPG) where players move up by gaining experience in fighting, magic, crafting and foraging. Note that while the download and basic play are free, unlimited play requires a subscription. Operating System: Windows, Linux, OS X.


61. Stendhal
This MORPG features simple, old-school graphics and friendly gameplay. Journey through a world full of villages, cities, dungeons, forests, mines, mountains and tropical islands, with plenty of adventures along the way. Operating System: Windows, Linux, OS X.
62. Summoning Wars
This newer fantasy role-playing game offers four classes of characters, each with 24 unique magical abilities and other skills. Play on your own or with up to eight other people in multi-player mode. Operating System: Windows, Linux, OS X.

Simulator Games

63. FlightGear
Comparable to commercial flight simulators, FlightGear offers sophisticated, realistic controls and scenery. It includes more than 20,000 real-world airports, accurate depictions of the sky and terrain, and multiple aircraft. Operating System: Windows, Linux, OS X, others.
64. LinCity NG
LinCity NG offers an open source version of the original Sim City game. Win by building a sustainable economy or by evacuating your entire population in spaceships. Operating System: Windows, Linux, OS X.
65. Micropolis
Another Sim City Clone, Micropolis (a.k.a. OLPC SimCity) was developed for the One Laptop Per Child project. It's based on the source code for the original version of Sim City. Operating System: Linux, Unix.
66. Oolite
This space simulator challenges players to fly around the universe, establishing space stations and fending off enemy ships. The graphics are old-school (based on the classic game Elite), but many players same the game is highly addictive. Operating System: Windows, Linux, OS X.
67. OpenCity
Yet another city development simulator, Open City features 3D graphics and detailed terrain. The site includes helpful tutorials to get you started playing the game. Operating System: Windows, Linux, OS X.
68. OpenTTD
Although it was based on Transport Tycoon Deluxe, this game improves on the original with larger maps, support for up to 255 players, improved tools and the opportunity to bribe town authorities. Check out the site for a list of servers that host multiplayer games. Operating System: Windows, Linux, OS X.
69. Rigs of Rods
This very popular vehicle simulator uses a unique soft-body physics engine to provide very realistic behavior of vehicles that travel over land, water and air. An extremely active user community has created more than 2000 modifications for the app, and you can find numerous user videos online. Operating System: Windows, Linux, OS X.
70. SlipStream
Designed to support any type of vehicle that could be driven around a racetrack, SlipStream is more difficult to learn than some other vehicle simulators, but offers more realistic handling as a tradeoff. It's a young project that's early in development, but is already usable. Operating System: Linux.
71. Simutrans
Another Transport Tycoon Deluxe clone, Simutrans challenges players to create a successful transport network without going bankrupt. The website includes numerous PakSets, which offer new graphics and new worlds where you can play. Operating System: Windows, Linux, OS X.
72. Vega Strike
This space simulator revolves around trading, exploration and combat with enemy ships. It plays in both single-player and multi-player modes and boasts excellent graphics. Operating System: Windows, Linux, OS X.

Sports Games

73. Billiards
Billiards is designed to simply but accurately simulate the game for which it's named, so that players can practice when a pool table isn't available. It currently offers tables both with and without pockets, and you can play eightball, nineball and carom billiards. Operating System: Linux.
74. Slam Soccer 2006
Slam Soccer offers a comedic take on one of the world's most popular sports with slightly silly 3D graphics. It includes 80 teams, 20 stadiums, 10 referees, 9 commentators and the ability to play in a variety of weather conditions. Operating System: Windows, Linux.

Strategy Games

75. 0 A.D.
In this historical real-time strategy game, "history is yours for the taking." Players build civilizations between the years of 500 B.C. and 500 A.D. Operating System: Linux, Windows, OS X.
76. Advanced Strategic Command
This turn-based strategy game, which was "designed in the tradition of the Battle Isle series," pits military units against each other on a hexagonal grid. Play against the AI opponent or against other humans using hotseat or PlayByMail. Operating System: Windows, Linux.
77. Battle for Wesnoth
With plenty of elves, necromancers, orcs and warriors, this popular turn-based strategy game immerses players in a high-fantasy world with a number of scenarios to play. It includes more than 200 unit types from six different factions, and it supports online multiplayer games. Operating System: Linux, Windows, OS X, iOS.
78. BosWars
In this futuristic real-time strategy game, you build your stores of energy and your economy while battling opponents for control of the map. You can play alone or against human opponents via a LAN or the Internet. Operating System: Windows, Linux, BSD, OS X.
79. CommanderStalin
This game transports the action of Bos Wars away from the future and back to the Soviet era in Russia. Build up your economy and military so that you can withstand the inevitable attack from Nazi Germany. Operating System: Windows, Linux.
80. FreeCol
If you've played Civilization, FreeCol will feel very familiar. It's a turn-based strategy game where the objective is to build a successful civilization starting with just a few colonists. Operating System: Windows, Linux, OS X.


81. FreeCiv
Also similar to Civilization, FreeCiv begins in the Stone Age. You win by creating the best nation and successfully guiding your citizens all the way to the Space Age. Operating System: Windows, Linux, OS X.
82. FreeOrion
Based on the Master of Orion games, this "turn-based space empire and galactic conquest game" involves both nation-building and combat elements. Both single- and multi-player games are available. Operating System: Windows, Linux, OS X.
83. Glest
The forces of Tech battle the forces of Magic in this award-winning 3D real-time strategy game. Check out the gallery on the website for plenty of screenshots and information about the tech tree and buildings. Operating System: Windows, Linux.
84. MegaGlest
Based on Glest, MegaGlest adds five more factions--Egyptians, Indians, Norsemen, Persian and Romans--to the Tech and Magic teams from the original. Play in one of 17 different settings, either alone or against up to seven other players. Operating System: Windows, Linux.
85. Hedgewars
Unlike a lot of strategy games, Hedgewars doesn't take itself too seriously. It describes itself as "a turn based strategy, artillery, action and comedy game, featuring the antics of pink hedgehogs with attitude as they battle from the depths of hell to the depths of space." Games can support up to eight players at once, and it includes 47 different weapons, including the piano strike and explosive robotic cake. Operating System: Windows, Linux, OS X, iOS.
86. Liquid War
One of the most unusual games available, Liquid War is a multiplayer strategy game with a twist. Instead of an army, you control a glob of liquid, and you win by eating your opponents. The graphics aren't particularly great, but the game itself is interesting. Operating System: Windows, Linux, OS X.
87. Seven Kingdoms: Ancient Adversaries
This is an updated version of the Seven Kingdoms real-time strategy game that was originally released in 1997. Choose your kindgom--Chinese, Egyptians, Greeks, Japanese, Maya, Mughuls, Normans, Persians, Vikings, Zulus--then begin training your army, building your economy and spying on your enemies in single-player or multi-player games. Operating System: Windows.
88. Spring: 1944
As you might guess from the title, this app is a WWII-theme real-time strategy game with period-accurate units and strengths. Play as the US, Germany, USSR or Britain. Operating System: Linux.
89. UFO:Alien Invasion
In the year 2084, you control a secret organization defending earth against brutal alien invaders. View the action from Geoscape mode, where you manage the battle from a high level, or Tactical Mode, where you lead a team in combat against the enemy. Operating System: Windows, Linux, OS X.
90. Unknown Horizons
In this 2D city-building strategy game, you start with a ship and a handful of resources on a desolate island. Can you build a thriving metropolis? Note that this is a newer game, and you may still run into some bugs. Operating System: Windows, Linux, OS X.
91. Warzone 2100
Warzone 2100 challenges players to rebuild civilization after it's been destroyed by nuclear war. It offers real-time action in campaign, multi-player and single-player modes. Operating System: Windows, Linux, OS X.
92. Widelands
Inspired by The Settlers and The Settlers II, Widelands is another civilization-building real-time strategy game. It features four worlds, three tribes, a map editor and both single- and multi-player games. Operating System: Windows, Linux, OS X.
93. Zero-K
This futuristic real-time strategy game offers plenty of action, streamlined economy controls and fast-moving games, with the average game lasting 20-30 minutes. It features battling robot armies with the ability to micro-manage individual units. Operating System: Windows, Linux.
94. Zombies
If you get tired of playing strategy games against the living, take a turn playing against the undead. The goal? Kill the zombies before they kill you. Operating System: Windows, OS X.

Fun Non-Games

95. Celestia
Perfect for budding astronomers, Celestia lets you see the heavens from any point on earth at any time. Plus, you can fly away from the earth and see what they sky would look like from Mars, the Sun, or another point in the known universe. Operating System: Windows, Linux, OS X.
96. DrumTrack
Turn your keyboard into a drum machine. This app lets you build your own rhythm tracks using samples that you can arrange however you like. Operating System: Windows.
97. Electric Sheep
Inspired by the Philip K. Dick novel Do Androids Dream of Electric Sheep, this screensaver connects thousands of computers around the world to create unusual abstract designs known as "sheep." Vote for your favorite animations and they'll reproduce more often. Operating System: Windows, Linux, OS X.
98. LCARS 24
This app is a must have for Star Trek fans with an old PC sitting around in the garage or basement. It sets up your system with Star-Trek style graphics, a talking alarm clock and a file manager. Operating System: Windows, DOS.
99. Stellarium
Similar to Celestia, Stellarium also displays the night skies from any point on earth. It comes with a default catalog of 600,000 stars, or you can download additional catalogs with 210 million stars. It's so accurate and realistic that it's used by many planetariums. Operating System: Windows, Linux, OS X.
100. Tux Paint
Tux Paint is a drawing program designed for preschoolers and early elementary students. Drawing tools include brushes, line tools, stamps, shapes, an eraser, and a host of "magic" effects. Operating System: Windows, Linux, OS X.

Top Cyber Threats: Security Research Roundup

http://www.esecurityplanet.com/trends/top-cyber-threats-security-research-roundup.html


Recent reports from Panda Security, Trend Micro, Websense, Verizon, Sophos, Symantec, Group-IB and Bit9 have shed light on the current state of malware, phishing, and other attack methods.
From the rise of Trojans and ransomware to the functionality of Android malware, these reports provide an insight into the current state of the ever-changing threat landscape.
Key findings include the following: almost all malware infections are now the result of installation or injection by a remote attacker, smaller organizations are increasingly being hit with targeted attacks, ransomware is expanding from a focus on Russia to target a wide range of countries, and two thirds of security professionals expect their organizations to be hit by a cyber attack within the next six months. For details, and for many more findings, read on.

NEW MALWARE STRAINS IN Q1 2012, BY TYPE:

NEW MALWARE STRAINS IN Q1 2012, BY TYPE
According to Panda Security's PandaLabs Q1 2012 Report [PDF file],  six million new malware samples were created in the first quarter of 2012. During that time period, Trojans represented 80.77 percent of all new malware, up from 73 percent of all malware in 2011. Worms comprised 9.3 percent of samples, up from 8 percent in 2011, while viruses made up 6.43 percent of samples, down from 14.25 percent in 2011.

MALWARE INFECTIONS BY TYPE IN Q1 2012:

MALWARE INFECTIONS BY TYPE IN Q1 2012
Panda Security's PandaLabs Q1 2012 Report [PDF file] found that Trojans caused 66.3 percent of all infections, followed by worms at 8.39 percent and viruses at 7.9 percent. The researchers highlight the fact that worms only caused 8.39 percent of infections despite accounting for 9.3 percent of all new malware, which is notable because worms usually cause more infections thanks to their ability to propagate automatically. "This demonstrates that massive worm epidemics have become a thing of the past, and have been replaced by a silent Trojan invasion," they write.

MOST MALWARE INFECTED COUNTRIES IN Q1 2012:

MOST MALWARE INFECTED COUNTRIES IN Q1 2012
According to Panda Security’s PandaLabs Q1 2012 Report [PDF file], 35.51 percent of PCs are infected in the average country. China has the most infections, with 54.25 of PCs infected, followed by Taiwan and Turkey. Nine of the 10 least infected countries are in Europe – the only non-European country in the top 10 list is Japan. Sweden is the least infected country, with a record-setting infection rate of less than 20 percent of computers.


THE RISE OF RANSOMWARE:

THE RISE OF RANSOMWARE
Trend Micro's TrendLabs Q1 2012 Security Roundup Report [PDF file] states that ransomware, which holds systems and/or files hostage unless victims pay a fee, was previously concentrated in Russia but now targets a wide range of other countries. "The growth of ransomware outside of Russia may be attributed to the growing difficulties associated with payment methods and fake anti-virus," Trend Micro threat response engineer Roland Dela Paz wrote in a blog post. "[Fake anti-virus] as a business is composed of an economic ecosystem that involves ring leaders, developers, middle men (affiliate networks), advertisers, etc. Because of these challenges, some criminal groups involved with [fake anti-virus] may seek alternative underground businesses such as the ransomware business, thereby making the ransomware market expand and flourish."

MALWARE COMING FROM TRUSTED LOCATIONS:

MALWARE COMING FROM TRUSTED LOCATIONS
According to the Websense 2012 Threat Report, malware redirects, malware hosting, and phishing are increasingly occurring in "trusted locations" such as the U.S. and Canada. "Almost no organization is going to block U.S. domains (the Web experience for users would be impacted too severely)," the authors write. "So it makes sense for cybercriminals to leverage these 'trusted' Web locations."

MALWARE INFECTION VECTORS:

MALWARE INFECTION VECTORS
According to Verizon's 2012 Data Breach Investigations Report [PDF file], the most common malware infection vector has long been installation or injection by a remote attacker. While just over half of attackers used this vector in 2009, fully 95 percent used it last year. "Its popularity as an infection vector likely stems both from the attacker's desire to remain in control after gaining access to a system, and its use in high-volume automated attacks against remote access services," the report states.


MALWARE FUNCTIONALITY:

MALWARE FUNCTIONALITY
According to Verizon's 2012 Data Breach Investigations Report [PDF file], the three most common functions of malware are logging keystrokes and other forms of user input, sending data to external locations, and backdoors. "It is important to note that none of these functionalities are mutually exclusive and it's common for a single piece of malware to feature several components," the report states. Data exfiltration proved far less common in Verizon's 2012 report than in the previous year, dropping from 79 percent in the 2011 report to 43 percent in the 2012 report.

MALWARE ON MACS:

WINDOWS MALWARE ON MAC COMPUTERS
MAC OS MALWARE ON MAC COMPUTERS
Sophos recently analyzed a snapshot of 100,000 of the millions of Mac computers that run the company's free anti-virus software and found that one in five machines was carrying Windows malware, while one in 36 (2.7 percent) of Mac were found to be carrying Mac OS X malware. While the latter case would certainly be more troublesome for the user, Macs that are carrying Windows malware can easily spread it to other computers. Some of the malware that Sophos detected dates back to 2007, and would have been easily detected by any anti-virus software. "Cybercriminals view Macs as a soft target, because their owners don't typically run anti-virus software and are thought to have a higher level of disposable income than the typical Windows user," Sophos senior technology consultant Graham Cluley said in a statement. "Mac users must protect their computers now or risk making the malware problem on Macs as big as the problem on PCs."

EMAIL-BORNE MALWARE WORLDWIDE:

EMAIL-BORNE MALWARE WORLDWIDE
According to the Symantec Intelligence Report [PDF file] for February 2012, the global ratio of email-borne viruses in e-mail traffic was one in 274 e-mails, or 0.37 percent in February, up 0.3 percent since January. In February, the report states, 27.4 percent of email-borne malware contained links to malicious Web sites, a decrease of 1.6 percent from January. Luxembourg had the highest rate of malicious e-mail activity in February, with one in every 63.9 e-mails identified as malicious – in the U.S., the rate was one in every 436.5 e-mails. The most targeted industry in February was the public sector, with one in 71.2 e-mails blocked as malicious. Education was the second most targeted vertical, with one in 124.1 e-mails containing malicious content.


GLOBAL GROWTH OF PHISHING:

GLOBAL GROWTH OF PHISHING
The Symantec Intelligence Report [PDF file] for February 2012 states that the global phishing rate increased in February by 0.01 percent, with one in 358.1 e-mails (0.28 percent) comprising some form of phishing attack. The Netherlands was the country most targeted by phishing attacks in February, with one in 152.8 e-mails identified as phishing. In the U.S., the rate was one in 753.5. The industry most targeted by phishing attacks in February was the public sector, with one in 84.1 e-mails comprising a phishing attack. Small to medium sized businesses with 1-250 employees were the most targeted, with one in 265.7 e-mails comprising a phishing attacks, while large enterprises with more than 2,500 employees saw one in 361.9 e-mails containing a phishing attack.

SMALLER ORGANIZATIONS BEING TARGETED:

SMALLER ORGANIZATIONS BEING TARGETED
Symantec’s Internet Security Threat Report, Volume 17 [PDF file] notes that targeted attacks aren't just a source of concern for larger companies – more than half of all targeted attacks in 2011 were directed at organizations with fewer than 2,500 employees, and fully 17.8 percent were directed at organizations with fewer than 250 employees. The company notes that smaller organizations may be targeted as a stepping stone because they're in the supply chain or partner ecosystem of a larger, more well defended company. Similarly, while 42 percent of the targeted users are high-level executives, senior managers and people in research and development, the majority of targets don't themselves have access to confidential information – instead, they’re targeted as a way of getting a foot in the door of a target company.

HACKING METHODS:

HACKING METHODS
Verizon's 2012 Data Breach Investigations Report [PDF file] breaks down the leading methods of hacking into two groups: authentication attacks (stealing, brute forcing, or guessing of credentials) and technical attacks that bypass or break authentication altogether (e.g. SQL injection or backdoors). According to the report, there are few clear distinctions between the methods used to target small companies and those used to target larger ones. "Larger companies do seem to be more adept at warding off the easier-to-prevent attacks; however, approximately 98 percent of all records breached via stolen credentials occurred in larger organizations," the report states.


MOBILE ATTACK FUNCTIONALITY:

MOBILE ATTACK FUNCTIONALITY
According to Symantec's Internet Security Threat Report, Volume 17 [PDF file], three factors are required for a major increase in mobile malware to occur: a widespread platform, readily accessible development tools, and sufficient attacker motivation. The first of those factors was recently fulfilled with Android's rapid growth in popularity. Symantec reports that more than half of all Android threats collect device data or track user activities, and almost a quarter of the mobile threats identified in 2011 were designed to send content. A popular way for mobile malware writers to make money is by sending premium SMS messages from infected devices, a technique that was used by 18 percent of all mobile threats identified in 2011. Still, mobile malware does much more than just send SMS – several attacks have been identified that track a victim's location via GPS and steal personal information from the victim's device.

THE RUSSIAN CYBERCRIME MARKET:

THE RUSSIAN CYBERCRIME MARKET
Russian cybercrime investigation and computer forensics firm Group-IB recently released a report entitled State and Trends of the Russian Digital Crime Market 2011 [PDF file], which estimates the financial performance of the entire global cybercrime market in 2011 at $12.5 billion, and the Russian share of that market at $2.3 billion. Russian-speaking cybercriminals, both in and outside of Russia itself, hold more than a third of the global cybercrime market, with estimated earnings of $4.5 billion. Key areas of growth, Group-IB reports, include online banking fraud and DDoS attacks. "The number of DDoS attacks in 2011 has grown as compared to previous periods," the report states. "The main targets were usually online stores and other representatives of the online business sphere. It should be noted, however, that the average strength of attacks in 2011, as compared to 2010, has weakened, with botnets typically numbering no more than 10,000 nodes used for attacking."

FEAR OF A CYBER ATTACK:

FEAR OF A CYBER ATTACK
According to the 2012 Bit9 Cyber Security Research Report, a survey of 1,861 IT and security professionals worldwide found that almost two thirds of those surveyed expect their companies to be targeted by a cyber attack in the next six months. Those who work at larger organizations with more than 500 employees are much more concerned that those who work at smaller companies. And while most than half of the respondents in every market segment anticipate an attack, almost three quarters of government security professionals do so. The majority of respondents blame those fears on an increase in the number of hackers, rather than media hype or any perceived security weaknesses.




How to Get Started with ActiveMQ

http://www.openlogic.com/wazi/bid/188010


As your company grows, you may need an enterprise solution that facilitates passing information between applications and the employees that control them. A message broker is a program that routes, transforms, aggregates, or stores messages between applications based on rules you specify. In a way, what email does for the employees, message queuing software does for applications. Proprietary message brokers include Microsoft BizTalk Server, Oracle Message Broker, and SAP NetWeaver Process Integration. If you prefer open source software (and we know you do) consider Apache ActiveMQ.
ActiveMQ is intimately linked with Java, and fully implements the Java Message Service. JMS, a part of Java Enterprise Edition, is a standard allowing distributed application components to send, receive, read, and create messages between themselves. MQ software is based on a publish/subscribe model, where one side publishes a message and the other, if interested, subscribes to the message flow. Messages between components are passed indirectly, with the message queuing software acting as the broker. Message queuing software addresses some of the shortcomings of passing messages directly, such as the necessity of knowing who (if anyone) is receiving a sent message.
Though developers use ActiveMQ to create software for enterprise messaging using the Java classes JMS provides, you are not limited to using it with Java. Other alternatives include .Net, C/C++, Delphi, or scripting languages like Ruby, Perl, Python, and PHP.
For this article, we installed ActiveMQ on a CentOS 6.2 64-bit server with OpenJDK installed, version 1.6.0. Even though the ActiveMQ docs refer to version 4.x, the latest stable release is 5.6.0. Download and unpack it; use the binary distribution, not the source, to keep things simple. (There seems to be also a CentOS 5.x repository, but since we are running CentOS 6.2, we did not test it.) If you want to make the installation directory available to others, you can move it to /opt or another globally available location. Change to the resulting directory, then again to bin/linux-x86-64, and run ./activemq start. To test whether everything is running smoothly, grep netstat for 61616, the default port ActiveMQ listens on (netstat -an | grep 61616). You should be able to reach ActiveMQ's admin page from a browser at localhost:8161/admin.

Configuration via XML

Before going to the part that will be addressed to the developers writing ActiveMQ clients, a few words about configuration are in order. ActiveMQ uses XML files for many configuration tasks. If you look at the right side of the admin page, you will notice Queue, Topic, and Subscribers views, and their corresponding XML files, which now are empty. The XML configuration files are in the conf/ directory, and it's (almost) mandatory you take a peek, as they are very well commented and will get you started. The project's examples page shows you how to compile examples; it requires the Ant build tool.
The nice fellows at Javablogging have a straightforward example of how to create and listen to messages. The following code, for instance, effectively creates a queue, session, and message:
import javax.jms.*;

import org.apache.activemq.ActiveMQConnection;
import org.apache.activemq.ActiveMQConnectionFactory;

public class Producer {
    // URL of the JMS server. DEFAULT_BROKER_URL will just mean
    // that JMS server is on localhost
    private static String url = ActiveMQConnection.DEFAULT_BROKER_URL;

    // Name of the queue we will be sending messages to
    private static String subject = "TESTQUEUE";

    public static void main(String[] args) throws JMSException {
        // Getting JMS connection from the server and starting it
        ConnectionFactory connectionFactory =
            new ActiveMQConnectionFactory(url);
        Connection connection = connectionFactory.createConnection();
        connection.start();

        // JMS messages are sent and received using a Session. We will
        // create here a non-transactional session object. If you want
        // to use transactions you should set the first parameter to 'true'
        Session session = connection.createSession(false,
            Session.AUTO_ACKNOWLEDGE);

        // Destination represents here our queue 'TESTQUEUE' on the
        // JMS server. You don't have to do anything special on the
        // server to create it, it will be created automatically.
        Destination destination = session.createQueue(subject);

        // MessageProducer is used for sending messages (as opposed
        // to MessageConsumer which is used for receiving them)
        MessageProducer producer = session.createProducer(destination);

        // We will send a small text message saying 'Hello' in Japanese
        TextMessage message = session.createTextMessage("¤³¤ó¤Ë¤Á¤Ï");

        // Here we are sending the message!
        producer.send(message);
        System.out.println("Sent message '" + message.getText() + "'");

        connection.close();
    }
}
As you can see, it's simple to get started, even if you're not a Java master, though you should know Java if you want to do any serious work. The receiving component implementation looks like this:
import javax.jms.*;

import org.apache.activemq.ActiveMQConnection;
import org.apache.activemq.ActiveMQConnectionFactory;

public class Consumer {
    // URL of the JMS server
    private static String url = ActiveMQConnection.DEFAULT_BROKER_URL;

    // Name of the queue we will receive messages from
    private static String subject = "TESTQUEUE";

    public static void main(String[] args) throws JMSException {
        // Getting JMS connection from the server
        ConnectionFactory connectionFactory
            = new ActiveMQConnectionFactory(url);
        Connection connection = connectionFactory.createConnection();
        connection.start();

        // Creating session for seding messages
        Session session = connection.createSession(false,
            Session.AUTO_ACKNOWLEDGE);

        // Getting the queue 'TESTQUEUE'
        Destination destination = session.createQueue(subject);

        // MessageConsumer is used for receiving (consuming) messages
        MessageConsumer consumer = session.createConsumer(destination);

        // Here we receive the message.
        // By default this call is blocking, which means it will wait
        // for a message to arrive on the queue.
        Message message = consumer.receive();

        // There are many types of Message and TextMessage
        // is just one of them. Producer sent us a TextMessage
        // so we must cast to it to get access to its .getText()
        // method.
        if (message instanceof TextMessage) {
            TextMessage textMessage = (TextMessage) message;
            System.out.println("Received message '"
                + textMessage.getText() + "'");
        }
        connection.close();
    }
}
If you set up everything right, you should be able to go to the Queues submenu in the admin panel and see TESTQUEUE in the Name column.
I won't show you examples from every language ActiveMQ supports, but I will share some words regarding writing C++ code with and for ActiveMQ. Probably one of the best locations to start with is the Apache ActiveMQ source tree, from which I will extract some code from the two files that matter right now, namely producers/SimpleProducer.cpp for the sending part and, conversely, consumers/SimpleAsyncConsumer.cpp for the receiving part, both to be found in the source tree listed above.
//...the sending part...


// Create a Connection, after creating a connection factory
//...
// Create a Session
if( clientAck ) {
session = connection->createSession( Session::CLIENT_ACKNOWLEDGE );
} else {
session = connection->createSession( Session::AUTO_ACKNOWLEDGE );
}

// Create the destination (Topic or Queue)
if( useTopic ) {
destination = session->createTopic( destURI );
} else {
destination = session->createQueue( destURI );
}

// Create a MessageProducer from the Session to the Topic or Queue
//.......
// Create the Thread Id String
//.....
// Create a message
string text = (string)"Hello world! from thread " + threadIdStr;

for( unsigned int ix=0; ixTextMessage* message = session->createTextMessage( text );

message->setIntProperty( "Integer", ix );

// Tell the producer to send the message
printf( "Sent message #%d from thread %s
", ix+1, threadIdStr.c_str() );
producer->send( message );
}
The code to be found in the link above is commented just enough that all you have to do is read it, then compile and run it for a pretty good understanding of how to write C++ code with ActiveMQ. Here comes the other side:
//...includes and fun stuff go here...
//declare variables...
//...
void runConsumer() {

try {
// Create a Connection, after creating a connection factory
//...
// Create a Session
//...
// Create the destination (Topic or Queue)
if( useTopic ) {
destination = session->createTopic( destURI );
} else {
destination = session->createQueue( destURI );
}

// Create a MessageConsumer from the Session to the Topic or Queue
consumer = session->createConsumer( destination );
consumer->setMessageListener( this );

} catch (CMSException& e) {
e.printStackTrace();
}
}
static int count = 0;

try
{
count++;
const TextMessage* textMessage =
dynamic_cast< const TextMessage* >( message );
string text = "";

if( textMessage != NULL ) {
text = textMessage->getText();
} else {
text = "NOT A TEXTMESSAGE!";
}
//...
//Exception handling and cleanups go here...

// Create the consumer
SimpleAsyncConsumer consumer( brokerURI, destURI, useTopics, clientAck );

// Start it up and it will listen forever.
consumer.runConsumer();
}

Conclusion

For more information on writing code in your favorite programming language, look no further than ActiveMQ's source tree. You can access it online or check out the repository with Subversion to your machine with a command like this: svn co https://svn.apache.org/repos/asf/activemq/trunk activemq. Be sure to have SSH installed on your machine, although that's almost a given on most Linux systems nowadays. And be sure to read the excellent documentation.

HOWTO Setup Android Development

http://fedoraproject.org/wiki/HOWTO_Setup_Android_Development


Contents

[hide]

Abstract

This page should provide "how-to" document about using Fedora Linux for developing applications for Android platform.
This document will cover requirements, steps how to go from source code till final application and how to use Android Emulator for testing of application.

Target Fedora version

F-12 and higher

Requirements

  • Eclipse IDE (3.5 and higher is needed because of ADT plugin dependency on Equinox P2)
yum install eclipse-jdt
  • Android SDK
Download SDK from page
http://developer.android.com

Install ADT plugin for Eclipse

    • Start Eclipse, then select Help > Install new software...
    • Click on the Available Software site hyperlink.
    • In Available software sites dialog, click Add....
    • In the Add Site dialog that appears, enter a name for the remote site (for example "Eclipse Update") in the "Name" field. In the Location field, enter one of these URLs, depending on your version of Eclipse. For Eclipse version 3.5 use:
http://download.eclipse.org/releases/galileo/
or for Eclipse version 3.6 use:
http://download.eclipse.org/releases/helios/
For Eclipse version 3.7 (Fedora 16 and current Rawhide (as of Oct. 10, 2011)), use:
http://download.eclipse.org/releases/indigo/
For Eclipse version 4.2 (Fedora 17 and current Rawhide (as of Jun. 6, 2012)), use:
http://download.eclipse.org/releases/juno/
If you're unsure which version of Eclipse you are using, check it at Help > About Eclipse.
This will add dependency which are required for ADT plugin.
    • Again click on Add button and enter a name for the another remote site (for example, "Android Plugin") in the "Name" field. In the "Location" field, enter this URL:
https://dl-ssl.google.com/android/eclipse/ 
Note: If you have trouble acquiring the plugin, you can try using "http" in the URL, instead of "https" (https is preferred for security reasons).Click OK.Add ADT plugin Eclipse.png
    • Back in the Available Software view, next to "Work with:", you should now in see in drop down list "Android Plugin", select it and in box below see "Developer Tools" added to the list. Select the checkbox next to Developer Tools, which will automatically select the nested tools Android DDMS and Android Development Tools. Click Next.
    • In the resulting Install Details dialog, the Android DDMS and Android Development Tools features are listed. Click Next to read and accept the license agreement and install any dependencies, then click Finish.
    • Restart Eclipse.

Install Android SDK

  • Download the SDK from http://developer.android.com/sdk/index.html
  • Unpack it in your home directory, then rename it to ~/AndroidSDK
  • Add into path environment variable ~/AndroidSDK in .bash_profile file in your home directory.
    For example:
PATH=$PATH:$HOME/AndroidSDK:$HOME/AndroidSDK/tools
export PATH

# For SDK version r_08 and higher, also add this for adb:
PATH=$PATH:$HOME/AndroidSDK/platform-tools
export PATH
  • Logout and login back to apply path change

Android Emulator

Important.png
This is important
If you have 64-bit systems, you will need to install some 32bit packages, because Android SDK is 32bit

32 bit packages


# yum install glibc.i686 glibc-devel.i686 libstdc++.i686 zlib-devel.i686 ncurses-devel.i686 libX11-devel.i686 libXrender.i686 libXrandr.i686

AVD device


  1. cd into the ~/AndroidSDK directory and run tools/android to configure and create your first Android Virtual Device.
  2. Go to "Available Packages", select components for just those versions of Android you want to work with. For example:
    • SDK Platform Android 2.1
    • Documentation for Android SDK
  3. (SDK version r_08) For the adb tool, make sure you also select:
    • Platform Tools
  4. Click on "Install selected", then click on "accept all" and confirm with clicking on "Install". This will start component installation, when it will be done, click on close. When this will be done, we could proceed with creation of AVD device itself.
  5. Go to "Virtual Devices", Click on "New", this will open screen where you need to specify SD card size (I will use 62MiB), name of device (I will use "android_dev1", target (Android 2.1, if you want to develop for different target, you need to go to step 2 and install SDK platform for different version).Thumb
  6. Now click on "Create AVD" which will create Android Virtual Device.

Running Emulator


Note.png
Note
This step was not necessary with Fedora 14 and r08 of the SDK
Now we have created Android Virtual Device and we should start it, however, due to issues in AndroidSDK with sound, we will need to run it from command line
./emulator -noaudio -avd android_dev1
And this will start emulator for us.

Hello Fedora

Configure Android in Eclipse


  1. Go to Window -> Preferences, click on Android and set SDK location to directory. (for example /home/user/AndroidSDK) and click on Apply.
  2. Click on apply to reload available targets
  3. choose target android SDK
  4. click on OK

Create a New Android Project


After you've created an AVD, the next step is to start a new Android project in Eclipse.
  1. From Eclipse, select File > New > Project. If the ADT Plugin for Eclipse has been successfully installed, the resulting dialog should have a folder labeled "Android" which should contain "Android Project". (After you create one or more Android projects, an entry for "Android XML File" will also be available.)
  2. Select "Android Project" and click Next.
  3. On next screen type Project Name ("HelloFedora"), Application name (Hello, Fedora), package name (com.example.hellofedora) which represent your namespace and name of activity in "Create Activity" box (HelloFedora). Choose target (if you have multiple targets) and click on "Finish". This will create project for you.
Thumb

Development and Execution


  1. open HelloFedora.java and paste there example code from Hello Fedora Code section.
  2. click on windows -> preferences. In new window, open Android -> Launch and into "Options" text box insert "-noaudio"
  3. open separate console, cd ~/AndroidSDK/tools and execute ./emulator -noaudio @android_dev1 to start emulator. Wait for start of emulator (it could take several minutes)
  4. in eclipse, click on "run" and it will deploy application into Android Virtual Device.
Avd in action.png

Hello Fedora Code

package com.example.hellofedora;

import android.app.Activity;
import android.os.Bundle;
import android.widget.TextView;

public class HelloFedora extends Activity {
    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        TextView tv = new TextView(this);
        tv.setText("Hello, Android Developer\n Thank you, for using Fedora Linux");
        setContentView(tv);

    }
}

Compiling Android from Source

Since Android is open source software, we can compile the platform ourselves on our Fedora machines. You need to have at least 6GB of disk space free to build Android.
  • Make sure you have Java installed (Java <= 1.5 only for compiling Android <= 2.1). Preferably Sun Java rather than OpenJDK (OpenJDK should still work but issues are more likely to arise).
  • Ensure that these required packages are installed
yum install gcc gcc-c++ gperf flex bison glibc-devel.{x86_64,i686} zlib-devel.{x86_64,i686} ncurses-devel.i686 libsx-devel readline-devel.i386
Note.png
Note
If using 64-bit, make sure you have the packages listed above under "Android Emulator" - "32 bit packages" installed
Note.png
Note
Also make sure the Android Debug Bridge (adb) tool is located in your $PATH. This should have been obtained earlier while setting up the Android SDK
  • Obtain the Android "repo" tool.
curl https://dl-ssl.google.com/dl/googlesource/git-repo/repo > ~/bin/repo
chmod a+x ~/bin/repo
  • Create a directory for the Android source trees (We'll use ~/android/source in this example)
mkdir -p ~/android/source
cd ~/android/source
  • Once in the directory, initialize the AOSP repository. (Only run one of these commands per directory)
# Initialize sources for the master branch of Android
repo init -u git://android.git.kernel.org/platform/manifest.git

# Initialize Cupcake (1.5)
repo init -u git://android.git.kernel.org/platform/manifest.git -b cupcake

# Initialize Donut (1.6)
repo init -u git://android.git.kernel.org/platform/manifest.git -b donut

# Initialize Eclair (2.0 - 2.1)
repo init -u git://android.git.kernel.org/platform/manifest.git -b eclair

# Initialize Froyo (2.2)
repo init -u git://android.git.kernel.org/platform/manifest.git -b froyo

# Initialize Gingerbread (2.3)
repo init -u git://android.git.kernel.org/platform/manifest.git -b gingerbread
  • Now you need to start downloading the source trees from git, while in ~/android/source run:
Note.png
Note
This can take a while depending on your network connection (1 - 3 hours)
repo sync
  • Before you can start building for your device, you will need to acquire some proprietary files directly from your device using the adb tool. There will be a script to do this in your device's configuration directory. While still in ~/android/source do:
# I.e for the Nexus One this would be "device/htc/passion"
cd device//

# The script name *should* be the same in all the devices directories...
./extract-files.sh
  • To build the Android platform, the process is generally like this:
cd ~/android/source
source build/envsetup.sh
lunch      # <- (choose your device from the list)

# To build .img files of the platform (you will need to 'fastboot' these onto a device that supports fastboot):
make

# To build an OTA (Over The Air) package (zip files that carriers send out to devices for updates):
make otapackage

# To build a specific component, for example the Camera application:
make Camera
  • All output from the build process will be located in the directory contained by the shell variable $OUT (the $OUT directory will be different based on what product you lunched earlier). $OUT will generally be something like ~/android/source/out/target/product/
  • If your device is not in the 'lunch' list, it's because there is no official open source device config for your particular device. For example, at this point in time, the only device configs that come with the source trees, are the G1 (dream), MyTouch (sapphire), Nexus One (passion), and Nexus S (crespo). This is because they are directly related with Google and therefore just as open source as the rest of the platform.
  • If none of these are your Android device, luckily for us, there are open source developers that work on creating these for various devices. What you want to do is obtain the configuration repo, and put it in ~/android/source/device. The easiest way to do this is to use 'git' (provided by the "Development Tools" yum group). You can search http://github.com to see if anyone has started working on a config for your specific device.
  • Of course to install your finished build, your Android device must allow root access with a custom recovery image installed. It should also be noted that by compiling Android from the instructions above (building from the official Android repositories), the resulting build will not have native root access, nor will it have the official Google applications (Gmail, YouTube, Market, etc., these can be installed afterward). To build your own development build with superuser access enabled, some more configuration to the source would be needed and is out of the scope of this tutorial. You could also build from alternate Android source trees, such as CyanogenMod (http://github.com/CyanogenMod/android) (if your device is supported by their project).