The Internet Gateway Device (IGD) protocol allows client software on computers behind a NAT router/firewall to request that incoming networking ports on the router be forwarded to the client computer. Though this technology is often criticized as a weakening of security my analysis of the threat vectors has left me unconvinced that an IGD router/firewall represents a significant risk compared to a system without IGD. For many users, port forwarding remains an unfamiliar concept and they do not wish to take the time and effort to configure it manually. By turning on IGD a NAT router/firewall can better support the software needs of the computers on the private network.

Every computer needs a vrms, that is, a virtual Richard M. Stallman. This package tells you what packages installed on your computer are not licensed under a free software license. This is extremely useful information even if you don’t make any changes to your system because of it. I also think it’s good to strive for a totally free system, though I imagine it will still be a while before I ever get there.

A number of people have complained that the current (Ubuntu 7.04) startup and shutdown screens lack the information that they had in earlier releases. Enabling the display of startup and shutdown messages is fairly simple and can be useful in diagnosing system problems. Here’s how to do it.

Though relatively obscure there is a set of key combinations that can be used to communicate and send commands to a GNU/Linux kernel even when the system has become unresponsive (frozen, hung, crashed). I have found it beneficial to keep these commands in mind because I have come across a couple of situations where their use proved valuable. If nothing else, the 1 thing to remember is the Alt+SysRq+H command to get help on the other combinations.

This is a simple change that can, in my opinion, greatly improve security on a server or desktop system with openssh-server installed. By simple changing the listening port from the default 22 to another value will reduce the brute-force SSH attacks on a system thereby freeing up resources and reducing the chance of the system being compromised.