How to check for rootkits on Linux with Tiger

Concerned that you may have a rootkit on your Linux server, desktop or laptop? If you want to check whether or not rootkits are present on your system, and get rid of them, you’ll need to scan you system first. One of the best tools to scan for rootkits on Linux is Tiger. When run, it does a complete security report of your Linux system that outlines where the problems are (including rootkits).

In this guide, we’ll go over how to install the Tiger security tool and scan for dangerous Rootkits.

Install Tiger

Tiger doesn’t come with any Linux distributions out of the box, so before going over how to use the Tiger security tool on Linux, we will need to go over how to install it. You will need Ubuntu, Debian, or Arch Linux to install Tiger without compiling the source code.

Ubuntu

Tiger has long been in the Ubuntu software sources. To install it, open up a terminal window and run the following apt command.

sudo apt install tiger

Debian

Debian has Tiger, and it is installable with the Apt-get install command.

sudo apt-get install tiger

Arch Linux

The Tiger security software is on Arch Linux via the AUR. Follow the steps below to install the software on your system.

Step 1: Install the packages required to install AUR packages by hand. These packages are Git and Base-devel.

sudo pacman -S git base-devel

Step 2: Clone the Tiger AUR snapshot to your Arch PC using the git clone command.

git clone https://aur.archlinux.org/tiger.git

Step 3: Move the terminal session from its default directory (home) to the new tiger folder that holds the pkgbuild file.

cd tiger

Step 4: Generate an Arch installer for Tiger. Building a package is done with the makepkg command, but beware: sometimes package generation doesn’t work due to dependency problems. If this happens to you, check the official Tiger AUR page for the dependencies. Be sure also to read the comments, as other users may have insights.

makepkg -sri

Fedora and OpenSUSE

Sadly, both Fedora, OpenSUSE and other RPM/RedHat-based Linux distributions do not have an easy to install binary package to install Tiger with. To use it, consider converting the DEB package with alien. Or follow the source code instructions below.

Generic Linux

To build the Tiger app from source, you’ll need to clone the code. Open up a terminal and do the following:

git clone https://git.savannah.nongnu.org/git/tiger.git

Install the program by running the included shell script.

sudo ./install.sh

Alternatively, if you’d like to run it (rather than install it) do the following:

sudo ./tiger

Check for rootkits on Linux

Tiger is an automatic application. It doesn’t have any unique options or switches that users can use in the command-line. The user can’t just “run the rootkit” option to check for one. Instead, the user must use Tiger and run a full scan.

Each time the program runs, it does a scan of many different types of security threats on the system. You’ll be able to see everything it’s scanning. Some of the things that Tiger scans are:

  • Linux password files.
  • .rhost files.
  • .netrc files.
  • ttytab, securetty, and login configuration files.
  • Group files.
  • Bash path settings.
  • Rootkit checks.
  • Cron startup entries.
  • “Break-in” detection.
  • SSH configuration files.
  • Listening processes.
  • FTP configuration files.

To run a Tiger security scan on Linux, gain a root shell using the su or sudo -s command.

su -

or

sudo -s

Using root privileges, execute the tiger command to start the security audit.

tiger

Let the tiger command run and go through the audit process. It will print out what it’s scanning, and how it is interacting with your Linux system. Let the Tiger audit process run its course; it’ll print out the location of the security report in the terminal.

View Tiger Logs

To determine if you have a rootkit on your Linux system, you must view the security report.

To look at any Tiger security report, open up a terminal and use the CD command to move into /var/log/tiger.

Note: Linux will not let non-root users in /var/log. You must use su.

su -

or

sudo -s

Then, access the log folder with:

cd /var/log/tiger

In the Tiger log directory, run the ls command. Using this command prints out all the files in the directory.

ls

Take your mouse and highlight the security report file that ls reveals in the terminal. Then, view it with the cat command.

cat security.report.xxx.xxx-xx:xx

Look over the report and determine if Tiger has detected a rootkit on your system.

Removing rootkits on Linux

Removing Rootkits from Linux systems — even with the best tools, is hard and not successful 100% of the time. While it is true there are programs out there that may help get rid of these kinds of issues; they don’t always work.

Like it or not, if Tiger has determined a dangerous worm on your Linux PC, it’s best to back up your critical files, create a new live USB, and re-install the operating system altogether.

Read How to check for rootkits on Linux with Tiger by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How to get a “Gnome-like” overview mode in KDE Plasma with qOverview

Those who love the look of Gnome Shell but want a better, more feature-filled setup should consider switching to KDE Plasma, especially since software like qOverview exists. qOverview is a piece of software that lets users experience a “Gnome-like” overview in KDE Plasma 5.

In this guide, we’ll go over how to set up qOverview, how to use it and recreate a fully functional Gnome desktop in KDE!

Note: please understand that qOverview is highly experimental software. It may not run correctly on your system! Use it at your own risk!

Install qOverview

The developer has qOverview on GitLab, and it’s the only way to install it. To get it, you’ll need to clone the source code directly from the internet. However, before we do that, some dependencies need to be installed.

If you do not use Ubuntu, Debian, Arch Linux, Fedora or OpenSUSE, you’ll need to install the dependencies manually. Head over to this page to learn what they are.

Ubuntu

sudo apt install python3-pyqt5 python3-pyqt5.qtquick python3-dbus python3-yaml wmctrl

Debian

sudo apt-get install python3-pyqt5 python3-pyqt5.qtquickwmctrl

Arch Linux

sudo pacman -S python-pyqt5 python-dbus python-yaml wmctrl

Fedora

sudo dnf install python3-PyQt5 python3-dbus wmctrl

OpenSUSE

sudo zypper install python3-qt5 python-dbus python3-PyYAML python3-PyYAML wmctrl

With the dependencies taken care of, it’s time to start the building process. Follow the steps below to build the software.

Step 1: Clone the source code to your Linux PC using the git clone command.

git clone https://gitlab.com/bharadwaj-raju/qOverview.git

Step 2: Move the terminal session from its current directory (your home folder) into the qOverview code folder with the CD command.

cd qOverview

Step 3: Install the qOverview software on your Linux PC with the included script file. Be sure to run it with either sudo or su, or the code may not work.

sudo ./install.sh

Autostart qOverview

qOverview needs to be set to start automatically, or it will not work correctly. To automatically start it, you’ll need to work with the systemd init system, by creating a custom service file. In a terminal window, use the touch command to create a new file, then open it up in the Nano text editor.

sudo -s

touch /etc/systemd/system/qoverview.service

nano /etc/systemd/system/qoverview.service

Paste the following code for the new qOverview service file in the Nano, text editor:

[Unit]
Description=Spark service

[Service]
ExecStart=/usr/bin/qoverview.sh

[Install]
WantedBy=multi-user.target

Save the service file with the Ctrl + O keyboard combination. Then, use touch and echo to create the startup component of the service.

touch /usr/bin/qoverview.sh
echo '#!/bin/bash' >> /usr/bin/qoverview.sh

echo ' ' >> /usr/bin/qoverview.sh

echo 'qoverview-config-server' >> /usr/bin/qoverview.sh

Update the permissions of the script file using the chmod command.

sudo chmod u+x /usr/bin/qoverview.sh

Enable the new systemd entry file using the systemctl commands below.

sudo systemctl enable qoverview.service
sudo systemctl start qoverview.service

If the service starts successfully, qOverview will always be running on your system.

Configure qOverview

The qOverview software is running in the background, thanks to a custom systemd service. The next step is to set the software so that we can recreate the Gnome Shell desktop. In a terminal, run the qoverview-config-server command.

qoverview-config-server

Pay attention to the terminal prompt when this command runs, as qOverview will scan your system and set up a new Gnome-like desktop for you. If it fails, read the errors and re-run it. Then, after the configuration command finishes up, return to your terminal window and run the command below.

qoverview-config-server >/dev/null 2>&1 & disown

Running the qoverview-config-server in this way allows users to keep the qOverview server running in the background without keeping a terminal window open.

qOverview on KDE Plasma

Now that all the technical stuff is taken care of, we can use the qOverview software and get the Gnome-like overview mode in KDE we wanted. Access qOverview for the first time in KDE Plasma by pressing Alt + F2 on the keyboard. Type in the qoverview command. Running it will automatically start up a new “Gnome-like” overview mode you can use!

Note: qOverview has trouble working with custom KDE Plasma 5 themes. We highly recommend setting this software up with the default “Breeze” theme. Head over here to learn how to change KDE Plasma themes!

qoverview

Add custom items to the dock

Looking to add custom items to the qOverview dock? Open the config file in Nano.

nano ~/.config/qoverview.yaml

Scroll down to “dock-items” and write in the name of the applications you’d like to add. Then, press Ctrl + O to save, and Ctrl + X to exit.

Learn more about qOverview

The qOverview software has a lot of options and features. In this article, we’ve gone over the basics. Want to know more about it? Head over to the official development page. It has lots of information, like binding screen edges, adding custom items to the desktop and more! Alternatively, read the included README that comes with the code, by typing the following:

cat ~/qOverview/README.md

Read How to get a “Gnome-like” overview mode in KDE Plasma with qOverview by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How to install and use the Kube mail client on Linux

There are so many email clients on Linux, and we’ve talked about these programs a lot on AddictiveTips. For the most part, these email clients are perfectly fine, though, the community is begging for something new.

Meet the Kube email client; a “modern communication platform” for Linux. It can handle multiple email accounts, supports encryption via GPG, has support for the CalDAV calendar system and more!

Note: the Kube mail client is a work in progress. It’s mostly stable, but some issues may arise. It may not work for you! Use at your own risk!

Install Kube Mail

The Kube mail client is under active development. For this reason, installing it is limited to just a few options (specifically, Flatpak, Arch Linux, and Fedora Copr). Open up a terminal window and follow along to get the program working on your system.

All Linuxes via Flatpak

Before installing the KDE Kube email client via Flatpak, it’s important to install and configure the Flatpak runtime software on your Linux distribution. Luckily, getting Flatpak working is simple and involves loading up the flatpak package in your Linux OS’s package manager.

Note: unsure of how to set up the Flatpak runtime? We can help! Check out our guide on how to set up the Flatpak runtime here!

With the Flatpak runtime working on Linux, it’s possible to install Kube to it. In the terminal, run the command below.

flatpak -y --user install --from https://files.kube-project.com/flatpak/com.kubeproject.kube.flatpakref

When the installation completes, run the KDE Kube email client instantly with:

flatpak run com.kubeproject.kube

Alternatively, run KDE Kube by searching the “Internet” section of your application menu for “Kube.”

Arch Linux

Arch Linux is famous for bleeding-edge software, so it’s not hard to understand why they’d put the Kube mail client in the official software sources. Follow the step-by-step instructions below, and soon you’ll be running the latest version of Kube on Arch!

Step 1: In the terminal, open your Pacman.conf file in the Nano text editor.

sudo nano /etc/pacman.conf

Step 2: Use the arrow keys on the keyboard and scroll through Pacman.conf for “Community.” Remove all of the # symbols on “Community,” as well as any lines directly below it.

Step 3: Save the edits to Pacman.conf by pressing the Ctrl + O keyboard combination.

Step 4: Exit the Nano editor with the Ctrl + X keyboard combination.

Step 5: Re-sync Pacman and allow it to set up the “Community” software source on your PC.

sudo pacman -Syyuu

Step 6: Install the Kube email client.

sudo pacman -S kube

Fedora Linux

Thanks to Copr, the Kube email client has found it’s way to Fedora.

Note: the Kube Copr repository for Fedora is unstable. It may refuse to install in some cases. If this happens, try the Flatpak instead.

sudo dnf copr enable rajeeshknambiar/kube

With the repo set up on Fedora, install Kube and all dependencies:

sudo dnf install kdav2 kimap2 kube sink -y

Set up Kube

Opening up Kube for the first time will show you the new account screen. It has three options to choose from: Kolab Now (the paid communication service), Google, and custom. Click on one of the account options to go through the account setup process.

Using Kube with Kolab Now

To use a Kolab Now account with the Kube mail client, click the “Kolab Now” button on the new account page.

Enter your first and last name in the “Name” box, and your Kolab Now email address in the “Email address” box. When done, click the “Save” button to add the account to Kube.

If your Kolab details are correct, Kube will start to download your email.

Using Kube with Gmail

Looking to add Gmail to Kube? To do it, click the “Google” button on the new account page. Then, fill out your first and last name in the “Name” box, and your Gmail address in the “Email address” box.

When you’ve filled out your Gmail information, follow this link to enable IMAP for Kube. You’ll also need to allow “less secure apps” to let Kube access your email.

After enabling IMAP and the “less secure apps” feature within Gmail, click the “Save” button in the account window to access your Gmail account in Kube.

Using Kube with any email account

Aside from services like Gmail and Kolab Now, the Kube email client can work with any old email provider. To add your email, click the “Custom” box.

Note: to use a custom email provider with Kube, you must know it’s IMAP and SMTP address. It’s also a good idea to know the CALdav address if your account supports that as well.

Fill out the all of the information boxes to connect your email account to Kube. When you’ve finished filling out the account information, click the “Save” button to load your email messages.

Read How to install and use the Kube mail client on Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How to create audio books on Linux with M4Baker

M4Baker is an excellent application for Linux that lets users take audio tracks of any format and encode them into a nice chaptered audiobook file for playback within audiobook players on Linux (and elsewhere) that support the M4B format.

In this guide, we’ll go over how to take audiobook files, encode them into the M4B audiobook format and create audio books on Linux.

Note: you do not have to record your audiobook to use M4B. It is possible to take existing audio tracks and compile them into an audiobook. You can download free, public-domain audio files on Archive.org.

Install M4Baker

The M4Baker app has been around for a while. Despite its age, many distributions do not carry it in their software sources.

For this reason, we’ll be building the program from its source code. However, before compiling anything, some dependencies need to be installed. These dependencies are critical to the process and help the M4Baker source code compile on your machine.

Dependencies

Dependencies for M4Baker are Python 2.6+, PyQT 4.6, Qt 4.5+, FAAC 1.26+, Sox 14.3+, and Mp4v2 1.9. Follow the instructions below and learn how to get these dependencies working on your Linux operating system of choice.

Note: Arch Linux users can build M4Baker from source automatically thanks to the Arch Linux AUR. Point your favorite AUR helper to the m4baker-git package to get it working.

Ubuntu

sudo apt install git python-qt4 libcanberra-gtk-module faac libmp4v2-2 mp4v2-utils sox libsox-fmt-mp3

Debian

sudo apt-get install git faaclibcanberra-gtk-module faac libmp4v2-2 mp4v2-utils sox libsox-fmt-mp3

Fedora

sudo dnf install git PyQT4 python2 faac libmp4v2-devel libmp4v2 libcanberra sox qt-devel 
sudo dnf install http://download1.rpmfusion.org/free/fedora/releases/26/Everything/x86_64/os/Packages/s/sox-plugins-freeworld-14.4.2-1.fc25.x86_64.rpm -y

OpenSUSE

sudo zypper install git python2-qt4 python libcanberra-gtk-module-common faac libmp4v2-devel libqt4-devel

Note: OpenSUSE doesn’t have the MP3 plugin for Sox in their repositories. As a result, you will need to compile and install Sox by hand to use it. Head over to the Sox GitHub page and download the source-code here. Instructions to build the software on Linux are located in README.sh.

Download source code

With the M4Baker libraries taken care of, it’s time to download the source code. In a terminal, use the git clone command.

git clone https://github.com/crabmanX/m4baker

Move your terminal window into the new m4baker code folder with the CD command.

cd m4baker

Compilation

The compilation and setup process for M4Baker is refreshingly simple, compared to a lot of other programs Linux users build from source. To get it running, you’ll only need to run the Python2 installation script file. Please note that this installation script needs to run with sudo privileges, or in a root shell. Without proper system access, M4Baker can’t take advantage of the right directories and binaries on your Linux PC.

To start the compilation process for the M4Baker tool, run the following command in the terminal shell:

python setup.py install --optimize=1

M4Baker’s installation script is relatively quick. When the script finishes, you can instantly start the program with the m4baker command in the terminal window. It also is possible to start up the program by searching your application menu for “M4Baker”.

Preparing your audiobook in M4Baker

The first step to creating a new audiobook in M4Baker is importing the audio files. Add audio files to your new project by clicking the “Edit” menu, then “add Audiobook.”

Press the Ctrl key down on your keyboard and use the mouse to select every audio file you’d like to add. When everything is selected, click the “Open” button to import the tracks to M4Baker.

Note: be sure to keep all audio tracks related to the Audiobook project in the same folder for easy access.

M4Baker sorts audio files in a group, starting with the folder. Double-click on the folder with the mouse and rename it to the of title your new Audiobook. When you’re satisfied with the book’s title, look at the audio files below it in the list. Sort through the list, select each file individually with the mouse, and fill out its information in the info box on the right.

Exporting your audiobook with M4Baker

Your book’s track has the correct information, and everything is ready to go. All that’s left is to export it as an M4Baker audiobook file. To start the export process, click on the book folder and look for the “output” file section.

Click on the icon under “output” file to bring up the file browser. Browse to the directory where you’d like to save the M4Baker audiobook file and click “save.”

Now that the output file is set in the M4Baker app, exporting is ready to begin. Click on the “File” menu and look for the “Process all” button and click on it to start the encoding process.

Let M4Baker encode your new audiobook. When the exporting process is complete, you’ll be able to find it where you saved the output file.

Read How to create audio books on Linux with M4Baker by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How to use NitroShare on Linux

Sharing files on Linux is harder than it should be. It’s complicated, and this makes sending files to other computers on the network a chore. As a result, many people avoid sharing data.

If you’re tired of dealing with the complicated monotony of command-line file sharing tools on Linux, check out NitroShare. It’s a simple, cross-platform tool that, when installed, can detect computers on a network for quick, no-setup file sharing.

Install NitroShare

NitroShare is available on many different Linux distributions. To get the program up and running, open up a terminal window and follow the command instructions that match the operating system you use.

Note: in this tutorial, we will be covering how to install and use NitroShare on Linux systems. That said, there is a Windows and Mac version too! These versions of the program are downloadable via the official website.

Ubuntu

To get NitroShare on Ubuntu, launch a terminal shell and run the following apt install command.

sudo apt install nitroshare

Alternatively, install Nitroshare on your Ubuntu PC by opening the Ubuntu Software Center application, searching for “Nitroshare” and selecting the “Install” button.

Debian

Debian Linux has a version of the NitroShare file-sharing application in the primary software sources. To install it, open up a terminal and run the apt-get install command below.

Note: this version of Nitroshare may be severely out of date, due to how Debian maintains packages.

sudo apt-get install nitroshare

Arch Linux

The NitroShare developer has uploaded an official AUR package for the program, so that Arch users may use the program. To install it, follow the steps outlined below!

Step 1: Using the Pacman package manager, install both Base-devel and Git.

sudo pacman -S base-devel git

Step 2: Clone the latest NitroShare AUR snapshot with the git tool.

git clone https://aur.archlinux.org/nitroshare.git

Step 3: Move the terminal into the new nitroshare snapshot folder with the CD command.

cd nitroshare

Step 4: Compile NitroShare and install the program to Arch Linux using the makepkg command.

Note: building the NitroShare application from the Arch Linux AUR may present problems. Be sure to correct any dependencies by hand, by visiting the official AUR page. If you run into issues getting them, read the comments on the official page for guidance.

makepkg -sri

Fedora

NitroShare is now in the official Fedora Linux software sources, so installing it is quick. Launch a terminal and use the dnf install command to get it working.

sudo dnf install nitroshare -y

OpenSUSE

To get the NitroShare software on OpenSUSE systems, you must use the zypper install command.

sudo zypper install nitroshare

Alternatively, get NitroShare from the OBS, by going to this page here and clicking the install button next to your version of SUSE.

Generic Linux

Those using a lesser-known version of Linux will need to build NitroShare from source. Download the source code here, extract it, and read the included “README” file to learn how to build it.

Having trouble building Nitroshare from source? Consider switching to Ubuntu, Fedora or the other operating systems covered in this guide, as they have better, easier ways to install the program.

Sharing files with NitroShare on Linux

Open up NitroShare and let it run. As it opens, it’ll go to the system tray on your desktop. Right-click on the Nitro system-tray icon. As you right-click on the icon, you’ll see a context menu.

Note: be sure to also open up NitroShare on the computer receiving the file, or the transfer will fail!

In the menu, look for the “send files” button and select it to open up a file browser.

Look through the file browser window and navigate to the file you’re looking to send with the NitroShare program. Then click the “open” button to share it.

Clicking the “open” button will bring up a “device” selection window. In this window, look for the computer you’d like to send the file to and click the “OK” button to start the transfer. All files transfer to ~/Downloads/Nitroshare.

Sharing folders with NitroShare on Linux

NitroShare can send entire directories full of data over the network in addition to single files. To start, open up the program on the computer sharing the data (be sure to also open NitroShare on the computer receiving the shared data). Then, right-click on the system tray icon on the host machine, and select the “send directory” option in the menu.

Once the “send directory” button is selected, a file browser window opens. Use the browser to locate the folder to send with NitroShare.

After opening the directory with the NitroShare app, the “select device” window will appear on the screen.

In the device menu, select the computer you’d like to share the data with, then choose “OK” to start the file transfer process.

When the directory is done transferring, you’ll be able to access it in ~/Downloads/Nitroshare.

Read How to use NitroShare on Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter