document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-26 21:30:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
wxy 2018-01-21 22:05:30 +08:00
commit d5a0c8548d
16 changed files with 903 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

208
sources/tech/20111124 How to find hidden processes and ports on Linux-Unix-Windows.md
View File

@ -1,208 +0,0 @@
Translating by ljgibbslf
How to find hidden processes and ports on Linux/Unix/Windows
======
Unhide is a little handy forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. This tool works under Linux, Unix-like system, and MS-Windows operating systems. From the man page:
> It detects hidden processes using three techniques:
>
> 1. The proc technique consists of comparing /proc with the output of [/bin/ps][1].
> 2. The sys technique consists of comparing information gathered from [/bin/ps][1] with information gathered from system calls.
> 3. The brute technique consists of bruteforcing the all process IDs. This technique is only available on Linux 2.6 kernels.
>
Most rootkits/malware use the power of the kernel to hide, they are only visible from within the kernel. You can use unhide or tool such as [rkhunter to scan for rootkits, backdoors, and possible][2] local exploits.
[![How to find hidden process and ports on Linux, Unix, FreeBSD and Windows][3]][3]
This page describes how to install unhide and search for hidden process and TCP/UDP ports.
### How do I Install Unhide?
It is recommended that you run this tool from read-only media. To install the same under a Debian or Ubuntu Linux, type the following [apt-get command][4]/[apt command][5]:
`$ sudo apt-get install unhide`
Sample outputs:
```
[sudo] password for vivek:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
rkhunter
The following NEW packages will be installed:
unhide
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 46.6 kB of archives.
After this operation, 136 kB of additional disk space will be used.
Get:1 http://in.archive.ubuntu.com/ubuntu artful/universe amd64 unhide amd64 20130526-1 [46.6 kB]
Fetched 46.6 kB in 0s (49.0 kB/s)
Selecting previously unselected package unhide.
(Reading database ... 205367 files and directories currently installed.)
Preparing to unpack .../unhide_20130526-1_amd64.deb ...
Unpacking unhide (20130526-1) ...
Setting up unhide (20130526-1) ...
Processing triggers for man-db (2.7.6.1-2) ...
```
### How to install unhide on a RHEL/CentOS/Oracle/Scientific/Fedora Linux
Type the following [yum command][6] (first turn on [EPLE repo on a CentOS/RHEL version 6.x][7] or [version 7.x][8]):
`$ sudo yum install unhide`
If you are using a Fedora Linux, type the following dnf command:
`$ sudo dnf install unhide`
### How to install unhide on an Arch Linux
Type the following pacman command:
`$ sudo pacman -S unhide`
### FreeBSD : Install unhide
Type the following command to install unhide using the port, enter:
```
# cd /usr/ports/security/unhide/
# make install clean
```
OR, you can install the same using the binary package with help of pkg command:
`# pkg install unhide`
**unhide-tcp** is a forensic tool that identifies TCP/UDP ports that are listening but are not listed in [/bin/netstat][9] or [/bin/ss command][10] through brute forcing of all TCP/UDP ports available.
### How do I use unhide tool?
The syntax is:
` unhide [options] test_list`
Test_list is one or more of the following standard tests:
1. brute
2. proc
3. procall
4. procfs
5. quick
6. reverse
7. sys
Elementary tests:
1. checkbrute
2. checkchdir
3. checkgetaffinity
4. checkgetparam
5. checkgetpgid
6. checkgetprio
7. checkRRgetinterval
8. checkgetsched
9. checkgetsid
10. checkkill
11. checknoprocps
12. checkopendir
13. checkproc
14. checkquick
15. checkreaddir
16. checkreverse
17. checksysinfo
18. checksysinfo2
19. checksysinfo3
You can use it as follows:
```
# unhide proc
# unhide sys
# unhide quick
```
Sample outputs:
```
Unhide 20130526
Copyright © 2013 Yago Jesus & Patrick Gouin
License GPLv3+ : GNU GPL version 3 or later
http://www.unhide-forensics.info
NOTE : This version of unhide is for systems using Linux >= 2.6
Used options:
[*]Searching for Hidden processes through comparison of results of system calls, proc, dir and ps
```
### How to use unhide-tcp forensic tool that identifies TCP/UDP ports
From the man page:
> unhide-tcp is a forensic tool that identifies TCP/UDP ports that are listening but are not listed by /sbin/ss (or alternatively by /bin/netstat) through brute forcing of all TCP/UDP ports available.
> Note1 : On FreeBSD ans OpenBSD, netstat is allways used as iproute2 doesn't exist on these OS. In addition, on FreeBSD, sockstat is used instead of fuser.
> Note2 : If iproute2 is not available on the system, option -n or -s SHOULD be given on the command line.
```
# unhide-tcp
```
Sample outputs:
```
Unhide 20100201
http://www.security-projects.com/?Unhide
Starting TCP checking
Starting UDP checking
```
(Fig.02: No hidden ports found using the unhide-tcp command)
However, I found something interesting:
`# unhide-tcp `
Sample outputs:
```
Unhide 20100201
http://www.security-projects.com/?Unhide
Starting TCP checking
Found Hidden port that not appears in netstat: 1048
Found Hidden port that not appears in netstat: 1049
Found Hidden port that not appears in netstat: 1050
Starting UDP checking
```
The [netstat -tulpn][11] or [ss commands][12] displayed nothing about the hidden TCP ports # 1048, 1049, and 1050:
```
# netstat -tulpn | grep 1048
# ss -lp
# ss -l | grep 1048
```
For more info read man pages by typing the following command:
```
$ man unhide
$ man unhide-tcp
```
### A note about Windows users
You can grab the WinUnhide/WinUnhide-TCP by [visiting this page][13].
--------------------------------------------------------------------------------
via: https://www.cyberciti.biz/tips/linux-unix-windows-find-hidden-processes-tcp-udp-ports.html
作者:[Vivek Gite][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.cyberciti.biz
[1]:https://www.cyberciti.biz/faq/show-all-running-processes-in-linux/ (Linux / Unix ps command)
[2]:https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/
[3]:https://www.cyberciti.biz/tips/wp-content/uploads/2011/11/Linux-FreeBSD-Unix-Windows-Find-Hidden-Process-Ports.jpg
[4]:https://www.cyberciti.biz/tips/linux-debian-package-management-cheat-sheet.html (See Linux/Unix apt-get command examples for more info)
[5]://www.cyberciti.biz/faq/ubuntu-lts-debian-linux-apt-command-examples/ (See Linux/Unix apt command examples for more info)
[6]:https://www.cyberciti.biz/faq/rhel-centos-fedora-linux-yum-command-howto/ (See Linux/Unix yum command examples for more info)
[7]:https://www.cyberciti.biz/faq/fedora-sl-centos-redhat6-enable-epel-repo/
[8]:https://www.cyberciti.biz/faq/installing-rhel-epel-repo-on-centos-redhat-7-x/
[9]:https://www.cyberciti.biz/tips/linux-display-open-ports-owner.html (Linux netstat command)
[10]:https://www.cyberciti.biz/tips/linux-investigate-sockets-network-connections.html
[11]:https://www.cyberciti.biz/tips/netstat-command-tutorial-examples.html
[12]:https://www.cyberciti.biz/tips/linux-investigate-sockets-network-connections.html
[13]:http://www.unhide-forensics.info/?Windows:Download

2
sources/tech/20170511 Working with VI editor - The Basics.md
View File

@ -1,3 +1,5 @@
translating by ljgibbslf
Working with VI editor : The Basics
======
VI editor is a powerful command line based text editor that was originally created for Unix but has since been ported to various Unix & Linux distributions. In Linux there exists another, advanced version of VI editor called VIM (also known as VI IMproved ). VIM only adds funtionalities to already powefrul VI editor, some of the added functionalities a

138
sources/tech/20171102 What is huge pages in Linux.md
View File

@ -1,138 +0,0 @@
translating by lujun9972
What is huge pages in Linux?
======
Learn about huge pages in Linux. Understand what is hugepages, how to configure it, how to check current state and how to disable it.
![Huge Pages in Linux][1]
In this article, we will walk you though details about huge pages so that you will be able to answer : what is huge pages in Linux? How to enable/disable huge pages? How to determine huge page value? in Linux like RHEL6, RHEL7, Ubuntu etc.
Lets start with Huge pages basics.
### What is Huge page in Linux?
Huge pages are helpful in virtual memory management in Linux system. As name suggests, they help is managing huge size pages in memory in addition to standard 4KB page size. You can define as huge as 1GB page size using huge pages.
During system boot, you reserve your memory portion with huge pages for your application. This memory portion i.e. these memory occupied by huge pages is never swapped out of memory. It will stick there until you change your configuration. This increases application performance to great extent like Oracle database with pretty large memory requirement.
### Why use huge page?
In virtual memory management, kernel maintains table in which it has mapping of virtual memory address to physical address. For every page transaction, kernel needs to load related mapping. If you have small size pages then you need to load more numbers of pages resulting kernel to load more mapping tables. This decreases performance.
Using huge pages, means you will need fewer pages. This decreases number of mapping tables to load by kernel to great extent. This increases your kernel level performance which ultimately benefits your application.
In short, by enabling huge pages, system has fewer page tables to deal with and hence less overhead to access / maintain them!
### How to configure huge pages?
Run below command to check current huge pages details.
```
root@kerneltalks # grep Huge /proc/meminfo
AnonHugePages: 0 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
```
In above output you can see one page size is 2MB `Hugepagesize` and total of 0 pages on system `HugePages_Total`. This huge page size can be increased from 2MB to max 1GB.
Run below script to get how much huge pages your system needs currently . Script is from Oracle and can be found.
```
#!/bin/bash
#
# hugepages_settings.sh
#
# Linux bash script to compute values for the
# recommended HugePages/HugeTLB configuration
#
# Note: This script does calculation for all shared memory
# segments available when the script is run, no matter it
# is an Oracle RDBMS shared memory segment or not.
# Check for the kernel version
KERN=`uname -r | awk -F. '{ printf("%d.%d\n",$1,$2); }'`
# Find out the HugePage size
HPG_SZ=`grep Hugepagesize /proc/meminfo | awk {'print $2'}`
# Start from 1 pages to be on the safe side and guarantee 1 free HugePage
NUM_PG=1
# Cumulative number of pages required to handle the running shared memory segments
for SEG_BYTES in `ipcs -m | awk {'print $5'} | grep "[0-9][0-9]*"`
do
MIN_PG=`echo "$SEG_BYTES/($HPG_SZ*1024)" | bc -q`
if [ $MIN_PG -gt 0 ]; then
NUM_PG=`echo "$NUM_PG+$MIN_PG+1" | bc -q`
fi
done
# Finish with results
case $KERN in
'2.4') HUGETLB_POOL=`echo "$NUM_PG*$HPG_SZ/1024" | bc -q`;
echo "Recommended setting: vm.hugetlb_pool = $HUGETLB_POOL" ;;
'2.6' | '3.8' | '3.10' | '4.1' ) echo "Recommended setting: vm.nr_hugepages = $NUM_PG" ;;
*) echo "Unrecognized kernel version $KERN. Exiting." ;;
esac
# End
```
You can save it in `/tmp` as `hugepages_settings.sh` and then run it like below :
```
root@kerneltalks # sh /tmp/hugepages_settings.sh
Recommended setting: vm.nr_hugepages = 124
```
Output will be similar to some number as shown in above sample output.
This means your system needs 124 huge pages of 2MB each! If you have set 4MB as page size then output would have been 62. You got the point, right?
### Configure hugepages in kernel
Now last part is to configure above stated [kernel parameter][2] and reload it. Add below value in `/etc/sysctl.conf` and reload configuration by issuing `sysctl -p` command.
```
vm .nr_hugepages=126
```
Notice that we added 2 extra pages in kernel since we want to keep couple of pages spare than actual required number.
Now, huge pages has been configured in kernel but to allow your application to use them you need to increase memory limits as well. New memory limit should be 126 pages x 2 MB each = 252 MB i.e. 258048 KB.
You need to edit below settings in `/etc/security/limits.conf`
```
soft memlock 258048
hard memlock 258048
```
Sometimes these settings are configured in app specific files like for Oracle DB its in `/etc/security/limits.d/99-grid-oracle-limits.conf`
Thats it! You might want to restart your application to make use of these new huge pages.
### How to disable hugepages?
HugePages are generally enabled by default. Use below command to check current state of hugepages.
```
root@kerneltalks# cat /sys/kernel/mm/transparent_hugepage/enabled
[always] madvise never
```
`[always]` flag in output shows that hugepages are enabled on system.
For RedHat base systems file path is `/sys/kernel/mm/redhat_transparent_hugepage/enabled`
If you want to disable huge pages then add `transparent_hugepage=never` at the end of `kernel` line in `/etc/grub.conf` and reboot the system.
--------------------------------------------------------------------------------
via: https://kerneltalks.com/services/what-is-huge-pages-in-linux/
作者:[Shrikant Lavhate][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://kerneltalks.com
[1]:https://c1.kerneltalks.com/wp-content/uploads/2017/11/hugepages-in-linux.png
[2]:https://kerneltalks.com/linux/how-to-tune-kernel-parameters-in-linux/

105
sources/tech/20171120 How to use special permissions- the setuid, setgid and sticky bits.md
View File

@ -1,105 +0,0 @@
Translating by jessie-pang
How to use special permissions: the setuid, setgid and sticky bits
======
### Objective
Getting to know how special permissions works, how to identify and set them.
### Requirements
* Knowledge of the standard unix/linux permissions system
### Difficulty
EASY
### Conventions
* **#** \- requires given command to be executed with root privileges either directly as a root user or by use of `sudo` command
* **$** \- given command to be executed as a regular non-privileged user
### Introduction
Normally, on a unix-like operating system, the ownership of files and directories is based on the default `uid` (user-id) and `gid` (group-id) of the user who created them. The same thing happens when a process is launched: it runs with the effective user-id and group-id of the user who started it, and with the corresponding privileges. This behavior can be modified by using special permissions.
### The setuid bit
When the `setuid` bit is used, the behavior described above it's modified so that when an executable is launched, it does not run with the privileges of the user who launched it, but with that of the file owner instead. So, for example, if an executable has the `setuid` bit set on it, and it's owned by root, when launched by a normal user, it will run with root privileges. It should be clear why this represents a potential security risk, if not used correctly.
An example of an executable with the setuid permission set is `passwd`, the utility we can use to change our login password. We can verify that by using the `ls` command:
```
ls -l /bin/passwd
-rwsr-xr-x. 1 root root 27768 Feb 11 2017 /bin/passwd
```
How to identify the `setuid` bit? As you surely have noticed looking at the output of the command above, the `setuid` bit is represented by an `s` in place of the `x` of the executable bit. The `s` implies that the executable bit is set, otherwise you would see a capital `S`. This happens when the `setuid` or `setgid` bits are set, but the executable bit is not, showing the user an inconsistency: the `setuid` and `setgit` bits have no effect if the executable bit is not set. The setuid bit has no effect on directories.
### The setgid bit
Unlike the `setuid` bit, the `setgid` bit has effect on both files and directories. In the first case, the file which has the `setgid` bit set, when executed, instead of running with the privileges of the group of the user who started it, runs with those of the group which owns the file: in other words, the group ID of the process will be the same of that of the file.
When used on a directory, instead, the `setgid` bit alters the standard behavior so that the group of the files created inside said directory, will not be that of the user who created them, but that of the parent directory itself. This is often used to ease the sharing of files (files will be modifiable by all the users that are part of said group). Just like the setuid, the setgid bit can easily be spotted (in this case on a test directory):
```
ls -ld test
drwxrwsr-x. 2 egdoc egdoc 4096 Nov 1 17:25 test
```
This time the `s` is present in place of the executable bit on the group sector.
### The sticky bit
The sticky bit works in a different way: while it has no effect on files, when used on a directory, all the files in said directory will be modifiable only by their owners. A typical case in which it is used, involves the `/tmp` directory. Typically this directory is writable by all users on the system, so to make impossible for one user to delete the files of another one, the sticky bit is set:
```
$ ls -ld /tmp
drwxrwxrwt. 14 root root 300 Nov 1 16:48 /tmp
```
In this case the owner, the group, and all other users, have full permissions on the directory (read, write and execute). The sticky bit is identifiable by a `t` which is reported where normally the executable `x` bit is shown, in the "other" section. Again, a lowercase `t` implies that the executable bit is also present, otherwise you would see a capital `T`.
### How to set special bits
Just like normal permissions, the special bits can be assigned with the `chmod` command, using the numeric or the `ugo/rwx` format. In the former case the `setuid`, `setgid`, and `sticky` bits are represented respectively by a value of 4, 2 and 1. So for example if we want to set the `setgid` bit on a directory we would execute:
```
$ chmod 2775 test
```
With this command we set the `setgid` bit on the directory, (identified by the first of the four numbers), and gave full privileges on it to it's owner and to the user that are members of the group the directory belongs to, plus read and execute permission for all the other users (remember the execute bit on a directory means that a user is able to `cd` into it or use `ls` to list its content).
The other way we can set the special permissions bits is to use the ugo/rwx syntax:
```
$ chmod g+s test
```
To apply the `setuid` bit to a file, we would have run:
```
$ chmod u+s file
```
While to apply the sticky bit:
```
$ chmod o+t test
```
The use of special permissions can be very useful in some situations, but if not used correctly the can introduce serious vulnerabilities, so think twice before using them.
--------------------------------------------------------------------------------
via: https://linuxconfig.org/how-to-use-special-permissions-the-setuid-setgid-and-sticky-bits
作者:[Egidio Docile][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://linuxconfig.org

1
sources/tech/20180103 How to preconfigure LXD containers with cloud-init.md
View File

@ -1,3 +1,4 @@
kaneg is translating.
How to preconfigure LXD containers with cloud-init
======
You are creating containers and you want them to be somewhat preconfigured. For example, you want them to run automatically **apt update** as soon as they are launched. Or, get some packages pre-installed, or run a few commands. Here is how to perform this early initialization with [**cloud-init**][1] through [LXD to container images that support **cloud-init**][2].

2
sources/tech/20180110 Best Linux Screenshot and Screencasting Tools.md
View File

@ -1,3 +1,5 @@
translated by cyleft.
Best Linux Screenshot and Screencasting Tools
======
![](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/best-linux-screenshot-and-screencasting-tools_orig.jpg)

85
sources/tech/20180112 Top 5 Firefox extensions to install now.md
View File

@ -1,85 +0,0 @@
translating by ypingcn
Top 5 Firefox extensions to install now
======
The right extensions can greatly enhance your browser's capabilities, but it's important to choose carefully. Here are five that are worth a look.
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/firefox_blue_lead.jpg?itok=gYaubJUv)
The web browser has become a critical component of the computing experience for many users. Modern browsers have evolved into powerful and extensible platforms. As part of this, _extensions_ can add or modify their functionality. Extensions for Firefox are built using the WebExtensions API, a cross-browser development system.
Which extensions should you install? Generally, that decision comes down to how you use your browser, your views on privacy, how much you trust extension developers, and other personal preferences.
First, I'd like to point out that browser extensions often require the ability to read and/or change everything on the web pages you visit. You should consider the ramifications of this _very_ carefully. If an extension has modify access to all the web pages you visit, it could act as a key logger, intercept credit card information, track you online, insert advertisements, and perform a variety of other nefarious activities.
That doesn't mean every extension will surreptitiously do these things, but you should carefully consider the installation source, the permissions involved, your risk profile, and other factors before you install any extension. Keep in mind you can use profiles to manage how an extension impacts your attack surface--for example, using a dedicated profile with no extensions to perform tasks such as online banking.
With that in mind, here are five Firefox extensions that you may want to consider.
### uBlock Origin
![ublock origin ad blocker screenshot][2]
Ublock Origin blocks ads and malware while enabling users to define their own content filters.
[uBlock Origin][3] is a fast, low-memory, wide-spectrum blocker that not only blocks ads but also lets you enforce your own content filtering. The default behavior of uBlock Origin is to block ads, trackers, and malware sites using multiple predefined filter lists. From there it allows you to arbitrarily add lists and rules, or even lock down to a default-deny mode. In addition to being powerful, this extension has proven to be efficient and performant.
### Privacy Badger
![privacy badger ad blocker][5]
Privacy Badger uses algorithms to seamlessly block ads and trackers that violate the principles of user consent.
As its name indicates, [Privacy Badger][6] is a privacy-focused extension that blocks ads and third-party trackers. From the EFF: "Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn't tracking."
Why is Privacy Badger on this list when it may seem so similar to uBlock Origin? One reason is that it fundamentally works differently than uBlock Origin. Another is that a practice of defense in depth is a sound policy to follow.
### LastPass
![lastpass password manager screenshot][8]
LastPass is a user-friendly password manager plugin that supports two-factor authorization.
This is likely a controversial addition for many. Whether you should use a password manager at all--and if you do, whether you should choose one that has a browser plugin--is a hotly debated topic, and the answer very much depends on your personal risk profile. I'd assert that most casual computer users should use one, because it's much better than the most common alternative: using the same weak password everywhere.
[LastPass][9] is user-friendly, supports two-factor authentication, and is reasonably secure. The company has had a few security incidents in the past, but it responded well and is well-funded moving forward. Keep in mind that using a password manager isn't an all-or-nothing proposition. Many users choose to use it for the majority of their passwords, while keeping a few complicated, well-constructed passwords for important sites such as banking and multi-factor authentication in their head.
### Xmarks Sync
[Xmarks Sync][10] is a convenient extension that will sync your bookmarks, open tabs, profiles, and browser history across instances. If you have multiple machines, want to sync across desktop and mobile, or use multiple different browsers on the same machine, take a look at Xmarks Sync. (Note that this extension was recently acquired by LastPass.)
### Awesome Screenshot Plus
[Awesome Screenshot Plus][11] allows you to easily capture all or part of any web page, as well as add annotations and comments, blur sensitive information, and more. You can also share images using an optional online service. I've found this tool great for capturing parts of sites for debugging issues, discussing design, and sharing information. It's one of those tools you'll find yourself using more than you might have expected.
I've found all five of these extensions useful, and I recommend them to others. That said, there are many browser extensions out there. I'm curious about which ones other Opensource.com community members currently use and recommend. Let me know in the comments.
![Awesome Screenshot Plus screenshot][13]
Awesome Screenshot Plus allows you to easily capture all or part of any web page.
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/1/top-5-firefox-extensions
作者:[Jeremy Garcia][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/jeremy-garcia
[2]:https://opensource.com/sites/default/files/ublock.png (ublock origin ad blocker screenshot)
[3]:https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
[5]:https://opensource.com/sites/default/files/images/life-uploads/privacy_badger_1.0.1.png (privacy badger ad blocker screenshot)
[6]:https://www.eff.org/privacybadger
[8]:https://opensource.com/sites/default/files/images/life-uploads/lastpass4.jpg (lastpass password manager screenshot)
[9]:https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/
[10]:https://addons.mozilla.org/en-US/firefox/addon/xmarks-sync/
[11]:https://addons.mozilla.org/en-US/firefox/addon/screenshot-capture-annotate/
[13]:https://opensource.com/sites/default/files/screenshot_from_2018-01-04_17-11-32.png (Awesome Screenshot Plus screenshot)

2
sources/tech/20180116 Analyzing the Linux boot process.md
View File

@ -1,3 +1,5 @@
Translating by jessie-pang
Analyzing the Linux boot process
======

101
sources/tech/20180119 How to install Spotify application on Linux.md Normal file
View File

@ -0,0 +1,101 @@
How to install Spotify application on Linux
======
How do I install Spotify app on Ubuntu Linux desktop to stream music?
Spotify is a digital music stream service that provides you access to tons of songs. You can stream for free or buy a subscription. Creating a playlist is possible. A subscriber can listen music ad-free. You get better sound quality. This page **shows how to install Spotify on Linux using a snap package manager that works on Ubuntu, Mint, Debian, Fedora, Arch and many other distros**.
### Installing spotify application on Linux
The procedure to install spotify on Linux is as follows:
1. Install snapd
2. Turn on snapd
3. Find Spotify snap:
```
snap find spotify
```
4. Install spotify music app:
```
do snap install spotify
```
5. Run it:
```
spotify &
```
Let us see all steps and examples in details.
### Step 1 - Install Snapd
You need to install snapd package. It is daemon (service) and tooling that enable snap packages on Linux operating system.
#### Snapd on a Debian/Ubuntu/Mint Linux
Type the following [apt command][1]/[apt-get command][2] as follows:
`$ sudo apt install snapd`
#### Install snapd on an Arch Linux
snapd is available in the Arch User Repository (AUR) only. Run yaourt command (see [how to install yaourt on Archlinux][3]):
```
$ sudo yaourt -S snapd
$ sudo systemctl enable --now snapd.socket
```
#### Get snapd on a Fedora Linux
Run snapd command
```
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
```
#### OpenSUSE install snapd
Execute the snap command:
`$ snap find spotify`
[![snap search for spotify app command][4]][4]
Install it:
`$ sudo snap install spotify`
[![How to install Spotify application on Linux using snap command][5]][5]
### Step 3 - Run spotify and enjoy it(译注原博客中就是这么直接跳到step3的)
Run it from GUI or simply type:
`$ spotify`
Automatically sign in to your account on startup:
```
$ spotify --username vivek@nixcraft.com
$ spotify --username vivek@nixcraft.com --password 'myPasswordHere'
```
Start spotify client with given URI when initialized:
`$ spotify--uri=<uri>`
Start with the specified URL:
`$ spotify--url=<url>`
[![Spotify client app running on my Ubuntu Linux desktop][6]][6]
### About the author
The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on [Twitter][7], [Facebook][8], [Google+][9].
--------------------------------------------------------------------------------
via: https://www.cyberciti.biz/faq/how-to-install-spotify-application-on-linux/
作者:[Vivek Gite][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.cyberciti.biz
[1]:https://www.cyberciti.biz/faq/ubuntu-lts-debian-linux-apt-command-examples/ (See Linux/Unix apt command examples for more info)
[2]:https://www.cyberciti.biz/tips/linux-debian-package-management-cheat-sheet.html (See Linux/Unix apt-get command examples for more info)
[3]:https://www.cyberciti.biz/faq/how-to-install-yaourt-in-arch-linux/
[4]:https://www.cyberciti.biz/media/new/faq/2018/01/snap-search-for-spotify-app-command.jpg
[5]:https://www.cyberciti.biz/media/new/faq/2018/01/How-to-install-Spotify-application-on-Linux-using-snap-command.jpg
[6]:https://www.cyberciti.biz/media/new/faq/2018/01/Spotify-client-app-running-on-my-Ubuntu-Linux-desktop.jpg
[7]:https://twitter.com/nixcraft
[8]:https://facebook.com/nixcraft
[9]:https://plus.google.com/+CybercitiBiz

105
sources/tech/20180119 No More Ubuntu Debian is the New Choice For Googles In-house Linux Distribution.md Normal file
View File

@ -0,0 +1,105 @@
Translating by jessie-pang
No More Ubuntu! Debian is the New Choice For Googles In-house Linux Distribution
============================================================
_Brief: For years Google used Goobuntu, an in-house, Ubuntu-based operating system. Goobuntu is now being replaced by gLinux, which is based on Debian Testing._
If you have read [Ubuntu facts][18], you probably already know that Google uses a Linux distribution called [Goobuntu][19] as the development platform. It is a custom Linux distribution based on…(easy to guess)… Ubuntu.
Goobuntu is basically a “[light skin over standard Ubuntu][20]“. It is based on the LTS releases of Ubuntu. If you think that Google contributes to the testing or development of Ubuntu, you are wrong. Google is simply a paying customer for Canonicals [Ubuntu Advantage Program][21]. [Canonical][22] is the parent company behind Ubuntu.
### Meet gLinux: Googles new Linux distribution based on Debian Buster
![gLinux from Goobuntu](https://itsfoss.com/wp-content/uploads/2018/01/glinux-announcement-800x450.jpg)
After more than five years with Ubuntu, Google is replacing Goobuntu with gLinux, a Linux distribution based on Debian Testing release.
As [MuyLinux reports][23], gLinux is being built from the source code of the packages and Google introduces its own changes to it. The changes will also be contributed to the upstream.
This news is not really new. It was announced in Debconf17 in August last year. Somehow the story did not get the attention it deserves.
You can watch the presentation in Debconf video [here][24]. The gLinux presentation starts around 12:00.
[Suggested readCity of Barcelona Kicks Out Microsoft in Favor of Linux and Open Source][25]
### Moving from Ubuntu 14.04 LTS to Debian 10 Buster
Once Google opted Ubuntu LTS for stability. Now it is moving to Debian testing branch for timely testing the packages. But it is not clear why Google decided to switch to Debian from Ubuntu.
How does Google plan to move to Debian Testing? The current Debian Testing release is upcoming Debian 10 Buster. Google has developed an internal tool to migrate the existing systems from Ubuntu 14.04 LTS to Debian 10 Buster. Project leader Margarita claimed in the Debconf talk that tool was tested to be working fine.
Google also plans to send the changes to Debian Upstream and hence contributing to its development.
![gLinux testing plan from Google](https://itsfoss.com/wp-content/uploads/2018/01/glinux-testing-plan.jpg)
Development plan for gLinux
### Ubuntu loses a big customer!
Back in 2012, Canonical had clarified that Google is not their largest business desktop customer. However, it is safe to say that Google was a big customer for them. As Google prepares to switch to Debian, this will surely result in revenue loss for Canonical.
[Suggested readMandrake Linux Creator Launches a New Open Source Mobile OS][26]
### What do you think?
Do keep in mind that Google doesnt restrict its developers from using any operating system. However, use of Linux is encouraged.
If you are thinking that you can get your hands on either of Goobuntu or gLinux, youll have to get a job at Google. It is an internal project of Google and is not accessible to the general public.
Overall, it is a good news for Debian, especially if they get changes to upstream. Cannot say the same for Ubuntu though. I have contacted Canonical for a comment but have got no response so far.
Update: Canonical responded that they “dont share details of relationships with individual customers” and hence they cannot provide details about revenue and any other such details.
What are your views on Google ditching Ubuntu for Debian?
[Share3K][9][Tweet][10][+1][11][Share161][12][Stumble][13][Reddit644][14]SHARES3K
<footer class="entry-footer" style="box-sizing: inherit;">
Filed Under: [News][15]Tagged With: [glinux][16], [goobuntu][17]
</footer>
![](https://secure.gravatar.com/avatar/20749c268f5d3e4d2c785499eb6a17c0?s=125&d=mm&r=g)
#### About Abhishek Prakash
I am a professional software developer, and founder of Its FOSS. I am an avid Linux lover and Open Source enthusiast. I use Ubuntu and believe in sharing knowledge. Apart from Linux, I love classic detective mysteries. Im a huge fan of Agatha Christies work.
--------------------------------------------------------------------------------
via: https://itsfoss.com/goobuntu-glinux-google/
作者:[Abhishek Prakash ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://itsfoss.com/author/abhishek/
[1]:https://itsfoss.com/author/abhishek/
[2]:https://itsfoss.com/goobuntu-glinux-google/#comments
[3]:https://www.facebook.com/share.php?u=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[4]:https://twitter.com/share?original_referer=/&text=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%E2%80%99s+In-house+Linux+Distribution&url=https://itsfoss.com/goobuntu-glinux-google/%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare&via=abhishek_foss
[5]:https://plus.google.com/share?url=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3DgooglePlus%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[6]:https://www.linkedin.com/cws/share?url=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3DlinkedIn%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[7]:http://www.stumbleupon.com/submit?url=https://itsfoss.com/goobuntu-glinux-google/&title=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%26%238217%3Bs+In-house+Linux+Distribution
[8]:https://www.reddit.com/submit?url=https://itsfoss.com/goobuntu-glinux-google/&title=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%26%238217%3Bs+In-house+Linux+Distribution
[9]:https://www.facebook.com/share.php?u=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[10]:https://twitter.com/share?original_referer=/&text=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%E2%80%99s+In-house+Linux+Distribution&url=https://itsfoss.com/goobuntu-glinux-google/%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare&via=abhishek_foss
[11]:https://plus.google.com/share?url=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3DgooglePlus%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[12]:https://www.linkedin.com/cws/share?url=https%3A%2F%2Fitsfoss.com%2Fgoobuntu-glinux-google%2F%3Futm_source%3DlinkedIn%26utm_medium%3Dsocial%26utm_campaign%3DSocialWarfare
[13]:http://www.stumbleupon.com/submit?url=https://itsfoss.com/goobuntu-glinux-google/&title=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%26%238217%3Bs+In-house+Linux+Distribution
[14]:https://www.reddit.com/submit?url=https://itsfoss.com/goobuntu-glinux-google/&title=No+More+Ubuntu%21+Debian+is+the+New+Choice+For+Google%26%238217%3Bs+In-house+Linux+Distribution
[15]:https://itsfoss.com/category/news/
[16]:https://itsfoss.com/tag/glinux/
[17]:https://itsfoss.com/tag/goobuntu/
[18]:https://itsfoss.com/facts-about-ubuntu/
[19]:https://en.wikipedia.org/wiki/Goobuntu
[20]:http://www.zdnet.com/article/the-truth-about-goobuntu-googles-in-house-desktop-ubuntu-linux/
[21]:https://www.ubuntu.com/support
[22]:https://www.canonical.com/
[23]:https://www.muylinux.com/2018/01/15/goobuntu-glinux-google/
[24]:https://debconf17.debconf.org/talks/44/
[25]:https://itsfoss.com/barcelona-open-source/
[26]:https://itsfoss.com/eelo-mobile-os/

152
sources/tech/20180119 Two great uses for the cp command Bash shortcuts.md Normal file
View File

@ -0,0 +1,152 @@
Two great uses for the cp command: Bash shortcuts
============================================================
### Here's how to streamline the backup and synchronize functions of the cp command.
![Two great uses for the cp command: Bash shortcuts ](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/yearbook-haff-rx-linux-file-lead_0.png?itok=-i0NNfDC)
>Image by : [Internet Archive Book Images][6]. Modified by Opensource.com. CC BY-SA 4.0
Last July, I wrote about [two great uses for the cp command][7]: making a backup of a file, and synchronizing a secondary copy of a folder.
Having discovered these great utilities, I find that they are more verbose than necessary, so I created shortcuts to them in my Bash shell startup script. I thought Id share these shortcuts in case they are useful to others or could offer inspiration to Bash users who havent quite taken on aliases or shell functions.
### Updating a second copy of a folder Bash alias
The general pattern for updating a second copy of a folder with cp is:
```
cp -r -u -v SOURCE-FOLDER DESTINATION-DIRECTORY
```
I can easily remember the -r option because I use it often when copying folders around. I can probably, with some more effort, remember -v, and with even more effort, -u (is it “update” or “synchronize” or…).
Or I can just use the [alias capability in Bash][8] to convert the cp command and options to something more memorable, like this:
```
alias sync='cp -r -u -v'
```
```
sync Pictures /media/me/4388-E5FE
```
Not sure if you already have a sync alias defined? You can list all your currently defined aliases by typing the word alias at the command prompt in your terminal window.
Like this so much you just want to start using it right away? Open a terminal window and type:
```
echo "alias sync='cp -r -u -v'" >> ~/.bash_aliases
```
```
me@mymachine~$ alias
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
alias egrep='egrep --color=auto'
alias fgrep='fgrep --color=auto'
alias grep='grep --color=auto'
alias gvm='sdk'
alias l='ls -CF'
alias la='ls -A'
alias ll='ls -alF'
alias ls='ls --color=auto'
alias sync='cp -r -u -v'
me@mymachine:~$
```
### Making versioned backups Bash function
The general pattern for making a backup of a file with cp is:
```
cp --force --backup=numbered WORKING-FILE BACKED-UP-FILE
```
Besides remembering the options to the cp command, we also need to remember to repeat the WORKING-FILE name a second time. But why repeat ourselves when [a Bash function][9] can take care of that overhead for us, like this:
Again, you can save this to your .bash_aliases file in your home directory.
```
function backup {
    if [ $# -ne 1 ]; then
        echo "Usage: $0 filename"
    elif [ -f $1 ] ; then
        echo "cp --force --backup=numbered $1 $1"
        cp --force --backup=numbered $1 $1
    else
        echo "$0: $1 is not a file"
    fi
}
```
The first if statement checks to make sure that only one argument is provided to the function, otherwise printing the correct usage with the echo command.
The elif statement checks to make sure the argument provided is a file, and if so, it (verbosely) uses the second echo to print the cp command to be used and then executes it.
If the single argument is not a file, the third echo prints an error message to that effect.
In my home directory, if I execute the backup command so defined on the file checkCounts.sql, I see that backup creates a file called checkCounts.sql.~1~. If I execute it once more, I see a new file checkCounts.sql.~2~.
Success! As planned, I can go on editing checkCounts.sql, but if I take a snapshot of it every so often with backup, I can return to the most recent snapshot should I run into trouble.
At some point, its better to start using git for version control, but backup as defined above is a nice cheap tool when you need to create snapshots but youre not ready for git.
### Conclusion
In my last article, I promised you that repetitive tasks can often be easily streamlined through the use of shell scripts, shell functions, and shell aliases.
Here Ive shown concrete examples of the use of shell aliases and shell functions to streamline the synchronize and backup functionality of the cp command. If youd like to learn more about this, check out the two articles cited above: [How to save keystrokes at the command line with alias][10] and [Shell scripting: An introduction to the shift method and custom functions][11], written by my colleagues Greg and Seth, respectively.
### About the author
[![](https://opensource.com/sites/default/files/styles/profile_pictures/public/clh_portrait2.jpg?itok=V1V-YAtY)][13] Chris Hermansen 
 Engaged in computing since graduating from the University of British Columbia in 1978, I have been a full-time Linux user since 2005 and a full-time Solaris, SunOS and UNIX System V user before that. On the technical side of things, I have spent a great deal of my career doing data analysis; especially spatial data analysis. I have a substantial amount of programming experience in relation to data analysis, using awk, Python, PostgreSQL, PostGIS and lately Groovy. I have also built a few... [more about Chris Hermansen][14]
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/1/two-great-uses-cp-command-update
作者:[Chris Hermansen][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/clhermansen
[1]:https://opensource.com/users/clhermansen
[2]:https://opensource.com/users/clhermansen
[3]:https://opensource.com/user/37806/feed
[4]:https://opensource.com/article/18/1/two-great-uses-cp-command-update?rate=J_7R7wSPbukG9y8jrqZt3EqANfYtVAwZzzpopYiH3C8
[5]:https://opensource.com/article/18/1/two-great-uses-cp-command-update#comments
[6]:https://www.flickr.com/photos/internetarchivebookimages/14803082483/in/photolist-oy6EG4-pZR3NZ-i6r3NW-e1tJSX-boBtf7-oeYc7U-o6jFKK-9jNtc3-idt2G9-i7NG1m-ouKjXe-owqviF-92xFBg-ow9e4s-gVVXJN-i1K8Pw-4jybMo-i1rsBr-ouo58Y-ouPRzz-8cGJHK-85Evdk-cru4Ly-rcDWiP-gnaC5B-pAFsuf-hRFPcZ-odvBMz-hRCE7b-mZN3Kt-odHU5a-73dpPp-hUaaAi-owvUMK-otbp7Q-ouySkB-hYAgmJ-owo4UZ-giHgqu-giHpNc-idd9uQ-osAhcf-7vxk63-7vwN65-fQejmk-pTcLgA-otZcmj-fj1aSX-hRzHQk-oyeZfR
[7]:https://opensource.com/article/17/7/two-great-uses-cp-command
[8]:https://opensource.com/article/17/5/introduction-alias-command-line-tool
[9]:https://opensource.com/article/17/1/shell-scripting-shift-method-custom-functions
[10]:https://opensource.com/article/17/5/introduction-alias-command-line-tool
[11]:https://opensource.com/article/17/1/shell-scripting-shift-method-custom-functions
[12]:https://opensource.com/tags/linux
[13]:https://opensource.com/users/clhermansen
[14]:https://opensource.com/users/clhermansen

183
translated/tech/20111124 How to find hidden processes and ports on Linux-Unix-Windows.md Normal file
View File

@ -0,0 +1,183 @@
# 如何在 Linux/Unix/Windows 中发现隐藏的进程和端口
unhide 是一个小巧的网络取证工具,能够发现那些借助 rootkits,LKM 等其他技术隐藏的进程和 TCP/UDP 端口。这个工具在 Linux,unix-like,Windows 等操作系统下都可以工作。根据其 man 页面的说明:
> Unhide 通过下述三项技术来发现隐藏的进程。
> 1. 进程相关的技术,包括将 /proc 目录与 /bin/ps 命令的输出进行比较。
> 2. 系统相关的技术,包括将 ps 命令的输出结果同从系统调用方面得到的信息进行比较。
> 3. 穷举法相关的技术,包括对所有的进程 ID 进行暴力求解,该技术仅限于在基于 Linux2.6 内核的系统中使用。
绝大多数的 Rootkits 工具或者恶意软件借助内核来实现进程隐藏,这些进程只在内核内部可见。你可以使用 unhide 或者诸如 rkhunter 等工具,扫描 rootkit 程序,后门程序以及一些可能存在的本地漏洞。
![本文讲解如何在多个操作系统下安装和使用unhide][1]
如何安装 unhide
-----------
这里首先建议你在只读介质上运行这个工具。如果使用的是 Ubuntu 或者 Debian 发行版,输入下述的 apt-get/apt 命令以安装 Unhide`$ sudo apt-get install unhide` 一切顺利的话你的命令行会输出以下内容:
[sudo] password for vivek:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
rkhunter
The following NEW packages will be installed:
unhide
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 46.6 kB of archives.
After this operation, 136 kB of additional disk space will be used.
Get:1 http://in.archive.ubuntu.com/ubuntu artful/universe amd64 unhide amd64 20130526-1 [46.6 kB]
Fetched 46.6 kB in 0s (49.0 kB/s)
Selecting previously unselected package unhide.
(Reading database ... 205367 files and directories currently installed.)
Preparing to unpack .../unhide_20130526-1_amd64.deb ...
Unpacking unhide (20130526-1) ...
Setting up unhide (20130526-1) ...
Processing triggers for man-db (2.7.6.1-2) ...
如何在RHEL/CentOS/Oracle/Scientific/Fedora上安装 unhide
------------------------------------------------------------------
你可以使用以下的 yum 命令:
`Sudo yum install unhide`
在 Fedora 上则使用以下 dnf 命令:
Sudo dnf install unhide.
如何在 Arch 上安装 unhide
-------------------
键入以下 pacman 命令安装 $ sudo pacman -S unhide
如何在 FreeBSD 上安装 unhide
----------------------
可以通过以下的命令使用 port 来安装 unhide
# cd /usr/ports/security/unhide/
# make install clean
或者可以通过二进制文件安装hide使用 pkg 命令安装
# pkg install unhide
Unhide-tcp 取证工具通过对所有可用的 TCP/IP 端口进行暴力求解的方式,辨别所有正在监听,却没有列入 /bin/netstat 或者 /bin/ss command 目录的 TCP/IP 端口身份。
如何使用 unhide 工具?
---------------
Unhide 的语法是 `unhide [options] test_list` test_list 参数可以是以下测试列表中的一个或者多个标准测试:
1. Brute
2. proc
3. procall
4. procfs
5. quick
6. reverse
7. sys
基本测试:
1. checkbrute
2. checkchdir
3. checkgetaffinity
4. checkgetparam
5. checkgetpgid
6. checkgetprio
7. checkRRgetinterval
8. checkgetsched
9. checkgetsid
10. checkkill
11. checknoprocps
12. checkopendir
13. checkproc
14. checkquick
15. checkreaddir
16. checkreverse
17. checksysinfo
18. checksysinfo2
19. checksysinfo3
你可以通过以下示例命令使用 unhide
# unhide proc
# unhide sys
# unhide quick
示例输出:
Unhide 20130526
Copyright © 2013 Yago Jesus & Patrick Gouin
License GPLv3+ : GNU GPL version 3 or later
http://www.unhide-forensics.info
NOTE : This version of unhide is for systems using Linux >= 2.6
Used options:
[*]Searching for Hidden processes through comparison of results of system calls, proc, dir and ps
如何使用 unhide-tcp 工具辨明 TCP/UDP 端口的身份
----------------------------------
以下是来自 man 页面的介绍
> unhide-tcp is a forensic tool that identifies TCP/UDP ports that are
> listening but are not listed by /sbin/ss (or alternatively by
> /bin/netstat) through brute forcing of all TCP/UDP ports available.
> Note1 : On FreeBSD ans OpenBSD, netstat is allways used as iproute2
> doesn't exist on these OS. In addition, on FreeBSD, sockstat is used
> instead of fuser. Note2 : If iproute2 is not available on the system,
> option -n or -s SHOULD be given on the command line.
Unhide-tcp 取证工具,通过对所有可用的 TCP/IP 端口进行暴力求解的方式,辨别所有正在监听,却没有列入 /bin/netstat 或者 /bin/ss command 目录的 TCP/IP 端口身份。请注意:对于 FreeBSDOpenBSD系统一般使用 iproute2,fuser 命令取代在这些操作系统上不存在的 netstat,sockstat 命令。请注意 2如果操作系统不支持 iproute2 命令,在使用 unhide 时需要在命令上加上 -n 或者 -s 选项。
# `unhide-tcp`
示例输出:
Unhide 20100201
http://www.security-projects.com/?Unhide
Starting TCP checking
Starting UDP checking
上述操作中,没有发现隐藏的端口。但在下述示例中,我展示了一些有趣的事。
# `unhide-tcp`
示例输出:
Unhide 20100201
http://www.security-projects.com/?Unhide
Starting TCP checking
Found Hidden port that not appears in netstat: 1048
Found Hidden port that not appears in netstat: 1049
Found Hidden port that not appears in netstat: 1050
Starting UDP checking
可以看到 netstat -tulpn 和 ss commands 命令确实没有反映出这三个隐藏的端口
# netstat -tulpn | grep 1048
# ss -lp
# ss -l | grep 1048
通过下述的 man 命令可以更多地了解unhide
$ man unhide
$ man unhide-tcp
Windows 用户如何安装使用 unhide
---------------------
你可以通过这个[页面][2]获取 Windows 版本的 unhide
via: https://www.cyberciti.biz/tips/linux-unix-windows-find-hidden-processes-tcp-udp-ports.html
作者Vivek Gite 译者:[ljgibbs][3] 校对校对者ID
本文由 LCTT 原创编译Linux中国 荣誉推出!
[1]: https://camo.githubusercontent.com/51ee31c20a799512dcd09d88cacbe8dd04731529/68747470733a2f2f7777772e6379626572636974692e62697a2f746970732f77702d636f6e74656e742f75706c6f6164732f323031312f31312f4c696e75782d467265654253442d556e69782d57696e646f77732d46696e642d48696464656e2d50726f636573732d506f7274732e6a7067
[2]: http://www.unhide-forensics.info/?Windows:Download
[3]: https://github.com/ljgibbslf

137
translated/tech/20171102 What is huge pages in Linux.md Normal file
View File

@ -0,0 +1,137 @@
Linux 中的 huge pages 是个什么玩意?
======
学习 Linux 中的 huge pages( 巨大页)。理解什么是 hugepages如何进行配置如何查看当前状态以及如何禁用它。
![Huge Pages in Linux][1]
本文,我们会详细介绍 huge page让你能够回答Linux 中的 huge page 是什么玩意?在 RHEL6RHEL7Ubuntu 等 Linux 中,如何启用/禁用 huge pages如何查看 huge page 的当前值?
首先让我们从 Huge page 的基础知识开始讲起。
### Linux 中的 Huge page 是个什么玩意?
Huge pages 有助于 Linux 系统进行虚拟内存管理。顾名思义,除了标准的 4KB 大小的页面外,他们还能帮助管理内存中的巨大页面。使用 huge pages你最大可以定义 1GB 的页面大小。
在系统启动期间huge pages 会为应用程序预留一部分内存。这部分内存,即被 huge pages 占用的这些存储器永远不会被交换出内存。它会一直保留其中除非你修改了配置。这会极大地提高像 Orcle 数据库这样的需要海量内存的应用程序的性能。
### 为什么使用巨大的页?
在虚拟内存管理中,内核维护一个将虚拟内存地址映射到物理地址的表,对于每个页面操作,内核都需要加载相关的映射标。如果你的内存页很小,那么你需要加载的页就会很多,导致内核加载更多的映射表。而这会降低性能。
使用巨大的页,意味着所需要的页变少了。从而大大减少由内核加载的映射表的数量。这提高了内核级别的性能最终有利于应用程序的性能。
简而言之,通过启用 huge pages系统具只需要处理较少的页面映射表从而减少访问/维护它们的开销!
### 如何配置 huge pages
运行下面命令来查看当前 huge pages 的详细内容。
```
root@kerneltalks # grep Huge /proc/meminfo
AnonHugePages: 0 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
```
从上面输出可以看到,每个页的大小为 2MB(`Hugepagesize`) 并且系统中目前有 0 个页 (`HugePages_Total`)。这里巨大页的大小可以从 2MB 增加到 1GB。
运行下面的脚本可以获取系统当前需要多少个巨大页。该脚本取之于 Oracle。
```
#!/bin/bash
#
# hugepages_settings.sh
#
# Linux bash script to compute values for the
# recommended HugePages/HugeTLB configuration
#
# Note: This script does calculation for all shared memory
# segments available when the script is run, no matter it
# is an Oracle RDBMS shared memory segment or not.
# Check for the kernel version
KERN=`uname -r | awk -F. '{ printf("%d.%d\n",$1,$2); }'`
# Find out the HugePage size
HPG_SZ=`grep Hugepagesize /proc/meminfo | awk {'print $2'}`
# Start from 1 pages to be on the safe side and guarantee 1 free HugePage
NUM_PG=1
# Cumulative number of pages required to handle the running shared memory segments
for SEG_BYTES in `ipcs -m | awk {'print $5'} | grep "[0-9][0-9]*"`
do
MIN_PG=`echo "$SEG_BYTES/($HPG_SZ*1024)" | bc -q`
if [ $MIN_PG -gt 0 ]; then
NUM_PG=`echo "$NUM_PG+$MIN_PG+1" | bc -q`
fi
done
# Finish with results
case $KERN in
'2.4') HUGETLB_POOL=`echo "$NUM_PG*$HPG_SZ/1024" | bc -q`;
echo "Recommended setting: vm.hugetlb_pool = $HUGETLB_POOL" ;;
'2.6' | '3.8' | '3.10' | '4.1' ) echo "Recommended setting: vm.nr_hugepages = $NUM_PG" ;;
*) echo "Unrecognized kernel version $KERN. Exiting." ;;
esac
# End
```
将它以 `hugepages_settings.sh` 为名保存到 `/tmp` 中,然后运行之:
```
root@kerneltalks # sh /tmp/hugepages_settings.sh
Recommended setting: vm.nr_hugepages = 124
```
输出如上结果,只是数字会有一些出入。
这意味着,你系统需要 124 个每个 2MB 的巨大页!若你设置页面大小为 4MB则结果就变成了 62。你明白了吧
### 配置内核中的 hugepages
本文最后一部分内容是配置上面提到的 [内核参数 ][2] 然后重新加载。将下面内容添加到 `/etc/sysctl.conf` 中,然后输入 `sysctl -p` 命令重新加载配置。
```
vm .nr_hugepages=126
```
注意我们这里多加了两个额外的页,因为我们希望在实际需要的页面数量外多一些额外的空闲页。
现在,内核已经配置好了,但是要让应用能够使用这些巨大页还需要提高内存的使用阀值。新的内存阀值应该为 126 个页 x 每个页 2 MB = 252 MB也就是 258048 KB。
你需要编辑 `/etc/security/limits.conf` 中的如下配置
```
soft memlock 258048
hard memlock 258048
```
某些情况下,这些设置是在指定应用的文件中配置的,比如 Oracle DB 就是在 `/etc/security/limits.d/99-grid-oracle-limits.conf` 中配置的。
这就完成了!你可能还需要重启应用来让应用来使用这些新的巨大页。
### 如何禁用 hugepages
HugePages 默认是开启的。使用下面命令来查看 hugepages 的当前状态。
```
root@kerneltalks# cat /sys/kernel/mm/transparent_hugepage/enabled
[always] madvise never
```
输出中的 `[always]` 标志说明系统启用了 hugepages。
若使用的是基于 RedHat 的系统,则应该要查看的文件路径为 `/sys/kernel/mm/redhat_transparent_hugepage/enabled`
若想禁用巨大页,则在 `/etc/grub.conf` 中的 `kernel` 行后面加上 `transparent_hugepage=never`,然后重启系统。
--------------------------------------------------------------------------------
via: https://kerneltalks.com/services/what-is-huge-pages-in-linux/
作者:[Shrikant Lavhate][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://kerneltalks.com
[1]:https://c1.kerneltalks.com/wp-content/uploads/2017/11/hugepages-in-linux.png
[2]:https://kerneltalks.com/linux/how-to-tune-kernel-parameters-in-linux/

64
sources/tech/20171117 Command line fun- Insult the user when typing wrong bash command.md → translated/tech/20171117 Command line fun- Insult the user when typing wrong bash command.md
View File

@ -1,21 +1,19 @@
translate by cyleft
Command line fun: Insult the user when typing wrong bash command
命令行乐趣:恶搞输错 Bash 命令的用户
======
You can configure sudo command to insult user when they type the wrong password. Now, it is possible to abuse insult the user when they enter the wrong command at the shell prompt.
你可以通过配置 sudo 命令去恶搞输入错误密码的用户。但是之后shell 的恶搞提示语可能会滥用于输入错误命令的用户。
## Say hello bash-insulter
## 你好 bash-insulter
From the Github page:
来自 Github 页面:
> Randomly insults the user when typing wrong command. It use a new builtin error-handling function named command_not_found_handle in bash 4.x.
> 当用户键入错误命令,随机嘲讽。它使用了一个 bash4.x. 版本的全新内置错误处理函数,叫 command_not_found_handle。
## Installation
## 安装
Type the following git command to clone repo:
键入下列 git 命令克隆一个仓库:
`git clone https://github.com/hkbakke/bash-insulter.git bash-insulter`
Sample outputs:
示例输出:
```
Cloning into 'bash-insulter'...
remote: Counting objects: 52, done.
@ -25,35 +23,35 @@ Unpacking objects: 100% (52/52), done.
```
Edit your ~/.bashrc or /etc/bash.bashrc using a text editor such as vi command:
用文本编辑器,编辑你的 ~/.bashrc 或者 /etc/bash.bashrc 文件,比如说使用 vi
`$ vi ~/.bashrc`
Append the following lines (see [if..else..fi statement][1] and [source command][2]):
在其后追加这一行(具体了解请查看 [if..else..fi 声明][1] 和 [命令源码][2]
```
if [ -f $HOME/bash-insulter/src/bash.command-not-found ]; then
source $HOME/bash-insulter/src/bash.command-not-found
fi
```
Save and close the file. Login again or just run it manually if you do not want to logout:
保存并关闭文件。重新登陆,如果不想退出账号也可以手动运行它:
```
$ . $HOME/bash-insulter/src/bash.command-not-found
```
## How do I use it?
## 如何使用它?
Just type some invalid commands:
尝试键入一些无效命令:
```
$ ifconfigs
$ dates
```
Sample outputs:
[![An interesting bash hook feature to insult you when you type an invalid command. ][3]][3]
示例输出:
[![一个有趣的 bash 钩子功能,嘲讽输入了错误命令的你。][3]][3]
## Customization
## 自定义
You need to edit $HOME/bash-insulter/src/bash.command-not-found:
你需要编辑 $HOME/bash-insulter/src/bash.command-not-found
`$ vi $HOME/bash-insulter/src/bash.command-not-found`
Sample code:
示例代码:
```
command_not_found_handle () {
local INSULTS=(
@ -91,7 +89,7 @@ command_not_found_handle () {
"Pro tip: type a valid command!"
)
# Seed "random" generator
# 设置“随机”种子发生器
RANDOM=$(date +%s%N)
VALUE=$((${RANDOM}%2))
@ -101,20 +99,20 @@ command_not_found_handle () {
echo "-bash: $1: command not found"
# Return the exit code normally returned on invalid command
# 无效命令,常规返回已存在的代码
return 127
}
```
## sudo insults
## sudo 嘲讽
Edit the sudoers file:
编辑 sudoers 文件:
`$ sudo visudo`
Append the following line:
追加下面这一行:
`Defaults insults`
Or update as follows i.e. add insults at the end of line:
或者像下面尾行增加一句嘲讽语:
`Defaults !lecture,tty_tickets,!fqdn,insults`
Here is my file:
这是我的文件:
```
Defaults env_reset
Defaults mail_badpass
@ -148,21 +146,21 @@ $ sudo -k # clear old stuff so that we get a fresh prompt
$ sudo ls /root/
$ sudo -i
```
Sample session:
[![An interesting sudo feature to insult you when you type an invalid password.][4]][4]
样例对话:
[![当输入错误密码时,你会被一个有趣的的 sudo 嘲讽语戏弄。][4]][4]
## Say hello to sl
## 你好 sl
[sl is a joke software or classic UNIX][5] game. It is a steam locomotive runs across your screen if you type "sl" (Steam Locomotive) instead of "ls" by mistake.
[sl 或是 UNIX 经典捣蛋软件][5] 游戏。当你错误的把 “ls” 输入成 “sl”将会有一辆蒸汽机车穿过你的屏幕。
`$ sl`
[![Linux / UNIX Desktop Fun: Steam Locomotive][6]][5]
[![Linux / UNIX 桌面乐趣: 蒸汽机车][6]][5]
--------------------------------------------------------------------------------
via: https://www.cyberciti.biz/howto/insult-linux-unix-bash-user-when-typing-wrong-command/
作者:[Vivek Gite][a]
译者:[译者ID](https://github.com/译者ID)
译者:[CYLeft](https://github.com/CYLeft)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

108
translated/tech/20171120 How to use special permissions- the setuid, setgid and sticky bits.md Normal file
View File

@ -0,0 +1,108 @@
如何使用特殊权限setuid、setgid 和 sticky 位
======
### 目标
了解特殊权限的工作原理,以及如何识别和设置它们。
### 要求
* 了解标准的 Unix / Linux 权限系统
### 难度
简单
### 约定
* **#** \- 要求直接以 root 用户或使用 `sudo` 命令执行指定的命令
* **$** \- 用普通的非特权用户来执行指定的命令
### 介绍
通常,在类 Unix 操作系统上,文件和目录的所有权是基于文件创建者的默认 `uid`user-id`gid`group-id的。启动一个进程时也是同样的情况它以启动它的用户的 uid 和 gid 运行,并具有相应的权限。这种行为可以通过使用特殊的权限进行改变。
### setuid 位
当使用 setuid 位时,之前描述的行为会有所变化,所以当一个可执行文件启动时,它不会以启动它的用户的权限运行,而是以该文件所有者的权限运行。所以,如果在一个可执行文件上设置了 setuid 位,并且该文件由 root 拥有,当一个普通用户启动它时,它将以 root 权限运行。显然,如果 setuid 位使用不当的话,会带来潜在的安全风险。
使用 setuid 权限的可执行文件的例子是 `passwd`,我们可以使用该程序更改登录密码。我们可以通过使用 `ls` 命令来验证:
```
ls -l /bin/passwd
-rwsr-xr-x. 1 root root 27768 Feb 11 2017 /bin/passwd
```
如何识别 `setuid` 位呢?相信您在上面命令的输出已经注意到,`setuid` 位是用 `s` 来表示的,代替了可执行位的 `x`。小写的 `s` 意味着可执行位已经被设置,否则你会看到一个大写的 `S`。大写的 `S` 发生于当设置了 `setuid``setgid` 位、但没有设置可执行位 `x` 时。它用于提醒用户这个矛盾的设置:如果可执行位未设置,则 `setuid``setgid` 位均不起作用。setuid 位对目录没有影响。
### setgid 位
`setuid` 位不同,`setgid` 位对文件和目录都有影响。在第一个例子中,具有 `setgid` 位设置的文件在执行时,不是以启动它的用户所属组的权限运行,而是以拥有该文件的组运行。换句话说,进程的 gid 与文件的 gid 相同。
当在一个目录上使用时,`setgid` 位与一般的行为不同,它使得在所述目录内创建的文件,不属于创建者所属的组,而是属于父目录所属的组。这个功能通常用于文件共享(目录所属组中的所有用户都可以修改文件)。就像 setuid 一样setgid 位很容易识别(我们用 test 目录举例):
```
ls -ld test
drwxrwsr-x. 2 egdoc egdoc 4096 Nov 1 17:25 test
```
这次 `s` 出现在组权限的可执行位上。
### sticky 位
Sticky 位的工作方式有所不同:它对文件没有影响,但当它在目录上使用时,所述目录中的所有文件只能由其所有者删除或移动。一个典型的例子是 `/tmp` 目录,通常系统中的所有用户都对这个目录有写权限。所以,设置 sticky 位使用户不能删除其他用户的文件:
```
$ ls -ld /tmp
drwxrwxrwt. 14 root root 300 Nov 1 16:48 /tmp
```
在上面的例子中目录所有者、组和其他用户对该目录具有完全的权限读、写和执行。Sticky 位在可执行位上用 `t` 来标识。同样,小写的 `t` 表示可执行权限 `x`也被设置了,否则你会看到一个大写字母 `T`
### 如何设置特殊权限位
就像普通的权限一样,特殊权限位可以用 `chmod` 命令设置,使用数字或者 `ugo/rwx` 格式。在前一种情况下,`setuid`、`setgid` 和 `sticky` 位分别由数值 4、2 和 1 表示。例如,如果我们要在目录上设置 `setgid` 位,我们可以运行:
```
$ chmod 2775 test
```
通过这个命令,我们在目录上设置了 `setgid` 位(由四个数字中的第一个数字标识),并给它的所有者和该目录所属组的所有用户赋予全部权限,对其他用户赋予读和执行的权限(目录上的执行位意味着用户可以 `cd` 进入该目录或使用 `ls` 列出其内容)。
另一种设置特殊权限位的方法是使用 `ugo/rwx` 语法:
```
$ chmod g+s test
```
要将 `setuid` 位应用于一个文件,我们可以运行:
```
$ chmod u+s file
```
要设置 Sticky 位,可运行:
```
$ chmod o+t test
```
在某些情况下,使用特殊权限会非常有用。但如果使用不当,可能会引入严重的漏洞,因此使用之前请三思。
--------------------------------------------------------------------------------
via: https://linuxconfig.org/how-to-use-special-permissions-the-setuid-setgid-and-sticky-bits
作者:[Egidio Docile][a]
译者:[jessie-pang](https://github.com/jessie-pang)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://linuxconfig.org

79
translated/tech/20180112 Top 5 Firefox extensions to install now.md Normal file
View File

@ -0,0 +1,79 @@
五个值得现在安装的火狐插件
======
合适的插件能大大增强你浏览器的功能,但仔细挑选插件很重要。本文有五个值得一看的插件。
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/firefox_blue_lead.jpg)
对于很多用户来说网页浏览器已经成为电脑使用体验的重要环节。现代浏览器已经发展成强大、可拓展的平台。作为平台的一部分_插件_能添加或修改浏览器的功能。火狐插件的构建使用了 WebExtensions API ,一个跨浏览器的开发系统。
你得安装哪一个插件?一般而言,这个问题的答案取决于你如何使用你的浏览器、你对于隐私的看法、你信任插件开发者多少以及其他个人喜好。
首先我想指出浏览器插件通常需要读取和或者修改你浏览的网页上的每项内容。你应该_非常_仔细地考虑这件事的后果。如果一个插件有修改所有你访问过的网页的权限那么它可能记录你的按键、拦截信用卡信息、在线跟踪你、插入广告以及其他各种各样邪恶的行为。
并不是每个插件都偷偷摸摸地做这些事,但是在你安装任何插件之前,你要慎重考虑下插件安装来源、涉及的权限、你的风险数据和其他因素。记住,你可以从个人数据的角度来管理一个插件如何影响你的攻击面( LCTT 译者注:攻击面是指入侵者能尝试获取或提取数据的途径总和)——例如使用特定的配置、不使用插件来完成例如网上银行的操作。
考虑到这一点,这里有你或许想要考虑的五个火狐插件
### uBlock Origin
![ublock origin ad blocker screenshot][2]
ublock Origin 可以拦截广告和恶意网页,还允许用户定义自己的内容过滤器。
[uBlock Origin][3] 是一款快速、内存占用低、适用范围广的拦截器它不仅能屏蔽广告还能让你执行你自己的内容过滤。uBlock Origin 默认使用多份预定义好的过滤名单来拦截广告、跟踪器和恶意网页。它允许你任意地添加列表和规则,或者锁定在一个默认拒绝的模式。除了强大之外,这个插件已被证明是效率高、性能好。
### Privacy Badger
![privacy badger ad blocker][5]
Privacy Badger 运用了算法来无缝地屏蔽侵犯用户准则的广告和跟踪器。
正如它名字所表明,[Privacy Badger][6] 是一款专注于隐私的插件它屏蔽广告和第三方跟踪器。EFF LCTT 译者注EFF全称是电子前哨基金会Electronic Frontier Foundation旨在宣传互联网版权和监督执法机构 )说:“我们想要推荐一款能自动分析并屏蔽任何侵犯用户准则的跟踪器和广告,而 Privacy Badger 诞生于此目的;它不用任何设置、知识或者用户的配置,就能运行得很好;它是由一个明显为用户服务而不是为广告主服务的组织出品;它使用算法来绝定什么正在跟踪,什么没有在跟踪”
为什么 Privacy Badger 出现在这列表上的原因跟 uBlock Origin 如此相似其中一个原因是Privacy Badger 从根本上跟 uBlock Origin 的工作不同。另一个原因是纵深防御的做法是个可以跟随的合理策略。
### LastPass
![lastpass password manager screenshot][8]
LastPass 是一款用户友好的密码管理插件,支持双重授权。
这个插件对于很多人来说是个有争议的补充。你是否应该使用密码管理器——如果你用了,你是否应该选择一个浏览器插件——这都是个热议的话题,而答案取决于你的风险资料。我想说大部分不关心的电脑用户应该用一个,因为这比起常见的选择:每一处使用相同的弱密码,都好太多了。
[LastPass][9] 对于用户很友好,支持双重授权,相当安全。这家公司过去出过点安全事故,但是都处理得当,而且资金充足。记住使用密码管理器不是非此即彼的命题。很多用户选择使用密码管理器管理绝大部分密码,但是保持了一点复杂性,为例如银行这样重要的网页精心设计了密码和使用多重认证。
### Xmarks Sync
[Xmarks Sync][10] 是一款方便的插件,能跨实例同步你的书签、打开的标签页、配置项和浏览器历史。如果你有多台机器,想要在桌面设备和移动设备之间同步、或者在同一台设备使用不同的浏览器,那来看看 Xmarks Sync 。(注意这款插件最近被 LastPass 收购)
### Awesome Screenshot Plus
[Awesome Screenshot Plus][11] 允许你很容易捕获任意网页的全部或部分区域,也能添加注释、评论、使敏感信息模糊等。你还能用一个可选的在线服务来分享图片。我发现这工具在网页调试时截图、讨论设计和分享信息上很棒。这是一款比你预期中发现自己使用得多的工具。
我发现这五款插件有用,我把它们推荐给其他人。这就是说,还有很多浏览器插件。我好奇其他的哪一款是 Opensource.com 社区用户正在使用并推荐的。让评论中让我知道。LCTT 译者注:本文引用自 Opensource.com ,这两句话意在引导用户留言,推荐自己使用的插件)
![Awesome Screenshot Plus screenshot][13]
Awesome Screenshot Plus 允许你容易地截下任何网页的部分或全部内容。
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/1/top-5-firefox-extensions
作者:[Jeremy Garcia][a]
译者:[ypingcn](https://github.com/ypingcn)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jeremy-garcia
[2]: https://opensource.com/sites/default/files/ublock.png "ublock origin ad blocker screenshot"
[3]: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
[5]: https://opensource.com/sites/default/files/images/life-uploads/privacy_badger_1.0.1.png "privacy badger ad blocker screenshot"
[6]: https://www.eff.org/privacybadger
[8]: https://opensource.com/sites/default/files/images/life-uploads/lastpass4.jpg "lastpass password manager screenshot"
[9]: https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/
[10]: https://addons.mozilla.org/en-US/firefox/addon/xmarks-sync/
[11]: https://addons.mozilla.org/en-US/firefox/addon/screenshot-capture-annotate/
[13]: https://opensource.com/sites/default/files/screenshot_from_2018-01-04_17-11-32.png "Awesome Screenshot Plus screenshot"