Remote Desktop in Linux like Team Viewer - linux

For Remote Desktop Sessions in Linux, I want to know if there something available equivalent for what Team Viewer does for windows?
The main advantage I find of Team viewer is that it can bypass firewalls, needs no NAT configurations or port forwarding rules to be setup in the router.

One of the vnc family?
You will have to make the computer visible to the client machine, if you don't want to mess around with firewalls you will need a third party reflector service to connect both of you.
The price of dog food being what it is, we should probably plug copilot, although there are probably a bunch of free ones.

Erm, TeamViewer is not only for Windows - besides full Mac implementation, it also has Linux support (although it's beta). I haven't tried, but... Did you?

Related

Setting up a Developers' environment in a second domain

This may be the wrong forum to ask this question. If so, I'd love links or suggestions as to where to post it.
Background:
In our current environment, developers have Windows desktop machines with decent though not crazy specs and wired Ethernet. Enough to develop, compile, test, commit, etc.
We'll be moving to a new environment (not our choice!) where the desktops are replaced by wifi-only laptops and no fixed workstations. That means, e.g. a dev cannot start a long-job at 5 pm, go home while it runs and have it finish by 8 am the next day, since the wifi connection will be broken. This is an issue for us. An additional complication is that the work is often cross-AD-domain.
Questions:
We're brainstorming other options. Some ideas that have come up:
keep the old desktops, put 'em in a closet and let the devs RDP to them (mostly Windows, a few Linux via ssh). Wire the desktops to a second domain
put in a beefy server or two and allow multiple concurrent logins. Install the required software etc. Wire the servers to a second domain
Set up a VM per dev on a suitable host in the second domain
Containers?
Is #4 even possible? Can you spin up a container that you can remote into in GUI mode in either Linux or Windows?
What other options are worth looking at? What have others done? Trying to learn from others' experiences and not re-invent the wheel.

Is there a Configuration Software for Linux Servers on the market?

I'm currently working on a Linux (Web-) Server configuration tool, which will allow you to easily manage all Your server-configurations in an graphical intuitive solution.
My tool is written in c# and is designed for windows.
The system will connect to a remote Linux-based Server over SSH and will then be able to configure the Domains/Subdomains, email accounts, ftp accounts, php/ settings, nginx/apache settings ... (all remote per ssh)
no aditional software/configuration needed
the system will be able to read the current config and will allow you to easily manage the configuration
I've made an short video of the product: http://www.youtube.com/watch?v=E8buUyOvZrQ
I came from froxlor(php server configuration), which I don't like at all. Because I'm using the server for myself and don't the master/client concept.
So my Question is:
Is there an equivalent Product already on the market?
Because if so, I can stop working on my own product.
Edit
Is there a tool wich works without client Installation? (not php or in any way web-based)
Webmin is a web-based interface for system administration for Unix:
http://www.webmin.com/
I built something similar awhile ago and it was a basic WinForms dashboard that managed Linux boxes by interfacing with them via SharpSSH. This was awhile ago, but judging by their soure forge page it is still maintained.

Linux per program firewall similar to windows and mac counterparts

Is it possible to create GUI firewall that works as Windows and Mac counterparts? Per program basis. Popup notification window when specific program want to send\recv data from network.
If no, than why? What Linux kernel lacks to allow existence of such programs?
If yes, than why there aren't such program?
P.S. This is programming question, not user one.
Yes it's possible. You will need to setup firewall rules to route traffic through an userspace daemon, it'll involve quite a bit of work.
N/A
Because they're pretty pointless - if the user understands which programs he should block from net access he could just as well use one of multiple existing friendly netfilter/iptables frontends to configure this.
It is possible, there are no restrictions and at least one such application exists.
I would like to clarify a couple of points though.
If I understood this article correct, the firewalls mentioned here so far and iptables this question is tagged under are packet filters and accept and drop packets depending more on IP addresses and ports they come from/sent to.
What you describe looks more like mandatory access control to me. There are several utilities for that purpose in Linux - selinux, apparmor, tomoyo.
If I had to implement a graphical utility you describe, I would pick, for example, AppArmor, which supports whitelists, and, to some extent, dynamic profiling, and tried to make a GUI for it.
OpenSUSE's YaST features graphical interface for apparmor setup and 'learning' , but it is specific to the distribution.
So Linux users and administrators have several ways to control network (and files) access on per-application basis.
Why the graphical frontends for MAC are so few is another question. Probably it's because Linux desktop users tend to trust software they install from repositories and have less reasons to control them this way (if an application is freely distributed, it has less reasons to call home and packages are normally reviewed before they get to repositories) while administrators and power users are fine with command line.
As desktop Linux gets more popular and people install more software from AUR or PPA or even from gnome-look.org where packages and scripts are not reviewed that accurately (if at all) a demand for such type of software (user-friendly, simple to configure MAC) might grow.
To answer your 3rd point.
There is such a program which provides zenity popups, it is called Leopard Flower:
http://sourceforge.net/projects/leopardflower
Yes. Everything is possible
-
There are real antiviruses for linux, so there could be firewalls with GUI also. But as a linux user I can say that such firewall is not needed.
I reached that Question as i am currently trying to migrate from a Mac to Linux. There are a lot of applications I run on my Mac and on my Linux PC. Some of them I trust fully. But others I am not fully trusting. If they are installed from a source that checks them or not, do i have to trust them because someone else did? No, I am old enough to choose myself.
In times where privacy is getting more and more complicate to achieve, and Distributions exist that show that we should not trust everyone, I like to be in control of what my applications do. This control might not end at the connection to the network/Internet but it is what this question (and mine is about.
I have used LittleSnitch for MacOSX in the past years and I was surprised how often an application likes to access the internet without me even noticing. To check for updates, to call home, ...
Now where i would like to switch to Linux, I tried to find the same thing as I want to be in control of what leaves my PC.
During my research I found a lot of questions about that topic. This one, in my opinion, best describes what it is about. The question for me is the same. I want to know when an application tries to send or receive information over the network/internet.
Solutions like SELinux and AppAmor might be able to allow or deny such connections. Configuring them means a lot of manual configuration and does not inform when a new application tries to connect somewhere. You have to know which application you want to deny access to the network.
The existence of Douane (How to control internet access for each program? and DouaneApp.com) show that there is a need for an easy solution. There is even a Distribution which seems to have such a feature included. But i am not sure what Subgraph OS (subgraph.com) is using, but they state something like this on there website. It reads exactly like the initial question: "The Subgraph OS application firewall allows a user to control which applications can initiate outgoing connections. When an unknown application attempts to make an outgoing connection, the user will be prompted to allow or deny the connection on a temporary or permanent basis. This helps prevent malicious applications from phoning home."
As it seems to me, there are only two options at the moment. One is to Compiling Douane manually mysqlf or two, switch distribution to Subgraph OS. As one of the answers state, everything is possible - So i am surprised there is no other solution. Or is there?

Generic way to know whether a laptop is located in the office or not?

I develop software running laptops from various companies. The employees are allowed to bring these laptops home or on holidays. I want to be able to reliably detect whether the laptops are in the office or not. The laptops are connected to the company network via some kind of VPN (though various solutions are used), so I cannot say that if they can access internet, they are in the office. To make this question even more interesting, please notice that a company might have multiple locations.
Edit: I need to detect this on the laptop.
Speculation: One thing you could look at are the IP addresses allocated to the machine. If you run a VPN then at home then there is probably one IP for the Internet connection and one for the VPN.
I think the answer from Rob is close but maybe you should take into account the gateway used by the NIC.
And if you have time enough a tracert to a known server in your office.
That will give you the route and the intermediate NIC's between the laptop and the known server.
You only have to make sure in that case that on the office location the route to the VPN concentrator is different but that should be possible with a clever dns/dhcp setup.
You might try a more specific question on serverfault.com
This cannot be done reliably, because branch offices can be setup up the same as a home network. And from experience, I'm not saying "almost the same as a home network". I mean literally the same, with non-clued managers buying network equipment from the cheapest local shop, and running copies of Windows XP HOME.

Are there any secure alternatives to XDMCP?

Are there any secure alternatives to XDMCP (A Linux remote desktop protocol)?
I'd like to set up some thin clients -- UI heads (old computer + mouse + keyboard) connected to VMs on a fast server. ssh -Y doesn't quite cut it, since this would be for non-savvy computer users. I'd like it integrated with kdm/gdm if possible (this seems to rule out Nomachine NX, and I don't like closed source).
I am on a private network, so I guess I'll probably end up going with XDMCP, but it would seem kinda sorry if there aren't any secure open-source alternatives.
This seems like a question for serverfault, but couldn't you just setup a VPN between the client computer and the server? That way, all traffic will be encrypted between the two machines.
Why not use ssh -X ? You could auto-logon locally with a general user and then autorun a script displaying a form for entering user/passwd which connects to a session using ssh -X...
Check out Nomachine NX, which is a secure version of X. They reduced the chattyness of the X protocol in a neat way and tunnel it through ssh. It works really well (but disclaimer - my company does resell the software). Available in free-as-in-beer single user version, or paid for enterprise version. There's also freenx, which is a GPL implementation of the server (the protocol, at least in version 3.x, is GPL).

Resources