Giacomo Lanzi
ClearOS: Linux Server for Small Business
ClearOS (formerly ClarkConnect) is a Linux distribution, with the aim of transforming any standard PC into a dedicated firewall and Internet server / gateway. The software is a solution for small businesses, home offices and networked homes. ClearOS is based on CentOS and offers a very robust set of tools organized in easy to navigate administration pages.
Small business and servers
Small business data centers often rely on one-size-fits-all solutions for standard problems. Because’? They save on costs. Within the Linux world, there are a number of exceptional server software that can help power a business in ways that aren’t always considered.
The problem with small businesses that use Linux can often come in the form of distribution complexity. While Linux has come a long way in terms of ease of use, there can sometimes be an additional level of complexity when it comes to server software. This additional learning curve is very often easily overcome by anyone with a moderate level of computer skills. Note that for anyone who has used Linux before, this is generally a breeze.
But then, who needs a data center solution, without the burden of a high-level IT expert on hand, who could they turn to? One solution is ClearOS.
What is ClearOS
According to the presentation material of the distribution:
“ClearOS is a simple, open and affordable operating system, with an intuitive web-based graphical user interface and a marketplace with over 100 applications to choose from, with more being added every day. By leveraging open source software, you decide which apps you need and only pay for the apps and support you want. “
To verify that these statements respect reality and check that ClearOS is indeed an interesting solution, let’s see the details together.
Editions
First, you need to choose between the versions of the operating system. In fact, ClearOS offers three different platform distributions:
– Community: the free edition of ClearOS
– Home: Ideal for home offices
– Business: Ideal for small businesses, thanks to the inclusion of paid support
To find out the differences of each edition, you can consult the ClearOS function matrix here. There are also the prices on the page which, after all, are contained for the proposed service.
Installation
There is really no need to talk about the ClearOS installation process, as it is incredibly simple. If you’ve ever installed Linux, you won’t have any problems with ClearOS.
I wanted to test it with a VirtualBox on my personal computer, and in just 20 minutes I had a working virtual machine with ClearOS ready. The installation time includes the post-installation wizard and the first updates.
Once you have completed the basic installation, post-installation wizard and updates, all done from within an incredibly well-designed web interface, you are ready to start adding applications from the ClearOS Marketplace, which is ‘where the platform really shines.
Taking a look at the process of adding applications to the ClearOS server, it is evident how easy this ecosystem is to use. Once we are done with the initial setup, we are on the “ClearOS Marketplace Getting Started” page. From this screen it is possible to manage the application selection and installation process.
The operating system also comes with a couple of preconfigurations to choose from. In any case, you will have the possibility to choose through the selection of applications / services to be installed on the ClearOS server.
ClearOS functionality
Available features include:
– Firewall, Networking and Security:
– Network: the firewall restricts access to systems and provides advanced features, including DMZ, NAT 1 to 1 and Port Forwarding
– Protocol: Peer-to-Peer discovery system allows you to manage the use of peer-to-peer file sharing
– Application: Intrusion Detection and Intrusion Prevention systems provide an additional layer of defense against threats to your network.
– Virtual Private Networking
– Web Proxy and Content Filter
– Email, including Webmail
– Groupware
– Database and Web Server
– File and print services
Costs App
Some of the apps are free, while others have a cost. You have to consult the list of available apps to see if any of these apps / services meet your needs and fit your budget. Once you have selected all the applications you want to install, you can proceed with the installation.
At this point you are ready to configure the custom dashboard. If you don’t want to worry about customizing the dashboard, you can use the default one. The dashboard allows you to select what you want to view through practical drop-down menus. It is also possible to immediately start configuring newly installed applications.
One remarkable thing is that ClearOS has made configuring the LDAP service extremely easy. Normally this process can be quite a headache, but ClearOS has found a way to make it as painless as possible.
The function of ClearOS
One thing not found on ClearOS is a tool for creating a server environment like that of a Microsoft Small Business Server or its successor Windows Server. So, using applications like MS Office, via Terminal Server, will not work. But you can always install the Dropbox app for free and use their Paper Server. This, of course, is not a real alternative for a full office suite, but it is still a partial solution.
However, this is not the point of ClearOS, as the intent is more to serve a business-class server that can help protect and expand a small business network. In other words, if you are looking for an incredibly simple firewall to set up and manage, VPN, DNS, DHCP, and a well-rounded general network appliance, ClearOS is exactly what you need. If you are looking for something to replace a Samba server, ClearOS is not the solution.
ClearOS can be found among the standard SOD templates and you can then install your own VPS with ClearOS in a few seconds.
Useful links:
Share
RSS
More Articles…
- The SOAR benefits: simplifying investigation and response
- Security Code Review: How the service works
- Integration of the automated response: the automations in SOCaaS
- Coordination between CTI and SOC: how to further raise the defenses
- New Cloud Server: redundant internet
- Quality certificate for the SOCaaS of SOD
- Managed Detection and Response: a new preventive approach
- CLUSIT: our collaboration for better services
Categories …
- Backup as a Service (17)
- Acronis Cloud Backup (11)
- Veeam Cloud Connect (4)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (21)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (15)
- Security (170)
- Cyber Threat Intelligence (CTI) (6)
- Ethical Phishing (8)
- SOCaaS (55)
- Vulnerabilities (84)
- Web Hosting (15)
Tags
Dark Reading
- Sharing Knowledge at 44CON October 7, 2022The infosec conference named after the UK's calling code returned this year with a focus on building a healthy community.
- macOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks October 6, 2022Exploit allows unsigned and unnotarized macOS applications to bypass Gatekeeper and other security, without notifying the user.
- Russian Hackers Shut Down US State Government Websites October 6, 2022Russian-speaking cyberattackers boast they are behind disruption of Colorado, Kentucky, and Mississippi government websites.
- US Consumers Are Finally Becoming More Security & Privacy Conscious October 6, 2022The trend, spotted by Consumer Reports, could mean good news for organizations struggling to contain remote work challenges.
- Hackers Have It Out for Microsoft Email Defenses October 6, 2022Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security.
- Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot October 6, 2022The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram.
- School Is in Session: 5 Lessons for Future Cybersecurity Pros October 6, 2022Opportunities in the field continue to grow — and show no signs of slowing down.
- 7 IoT Devices That Make Security Pros Cringe October 6, 2022A look at everything from truly dumb smart devices to cool-looking IoT tech with huge cybersecurity and privacy implications.
- New SonicWall Survey Data Reveals 91% of Organizations Fear Ransomware Attacks in 2022 October 6, 2022Amid an economic downturn, cybersecurity staffing shortages, and endless cyberattacks, financially motivated attacks are the top concern among IT professionals.
- Research Reveals Microsoft Teams Security and Backup Flaws, With Over Half of Users Sharing Business-Critical Information on the Platform October 6, 2022Most backup and security vendors overlook this vital communication channel.
Full Disclosure
- Backdoor.Win32.Delf.eg / Unauthenticated Remote Command Execution October 3, 2022Posted by malvuln on Oct 03Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/de6220a8e8fcbbee9763fb10e0ca23d7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.eg Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 7401. Third-party adversarys who can reach infected systems can issue commands made available by the...
- Backdoor.Win32.NTRC / Weak Hardcoded Credentials October 3, 2022Posted by malvuln on Oct 03Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/273fd3f33279cc9c0378a49cf63d7a06.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.NTRC Vulnerability: Weak Hardcoded Credentials Family: NTRC Type: PE32 MD5: 273fd3f33279cc9c0378a49cf63d7a06 Vuln ID: MVID-2022-0646 Disclosure: 10/02/2022 Description: The malware listens on TCP port 6767....
- Wordpress plugin - WPvivid Backup - CVE-2022-2863. October 3, 2022Posted by Rodolfo Tavares via Fulldisclosure on Oct 03=====[ Tempest Security Intelligence - ADV-15/2022 ]========================== Wordpress plugin - WPvivid Backup - Version < 0.9.76 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ […]
- ZKBioSecurity 3.0.5- Privilege Escalation to Admin (CVE-2022-36634) October 1, 2022Posted by Caio B on Sep 30#######################ADVISORY INFORMATION####################### Product: ZKSecurity BIO Vendor: ZKTeco Version Affected: 3.0.5.0_R CVE: CVE-2022-36634 Vulnerability: User privilege escalation #######################CREDIT####################### This vulnerability was discovered and researched by Caio Burgardt and Silton Santos. #######################INTRODUCTION####################### Based on the hybrid biometric technology and...
- ZKBiosecurity - Authenticated SQL Injection resulting in RCE (CVE-2022-36635) October 1, 2022Posted by Caio B on Sep 30#######################ADVISORY INFORMATION####################### Product: ZKSecurity BIO Vendor: ZKTeco ( https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurity_V5000_4.1.2) Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection (with a plus: RCE) #######################CREDIT####################### This vulnerability was discovered and researched by Caio Burgardt and Silton Santos....
- Backdoor.Win32.Augudor.b / Remote File Write Code Execution September 27, 2022Posted by malvuln on Sep 27Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/94ccd337cbdd4efbbcc0a6c888abb87d.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Augudor.b Vulnerability: Remote File Write Code Execution Description: The malware drops an empty file named "zy.exe" and listens on TCP port 810. Third-party adversaries who can reach the infected […]
- Backdoor.Win32.Psychward.b / Weak Hardcoded Credentials September 27, 2022Posted by malvuln on Sep 27Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/0b8cf90ab9820cb3fcb7f1d1b45e4e57.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.b Vulnerability: Weak Hardcoded Credentials Description: The malware listens on TCP port 8888 and requires authentication. However, the password "4174" is weak and hardcoded in cleartext within the PE...
- Backdoor.Win32.Bingle.b / Weak Hardcoded Credentials September 27, 2022Posted by malvuln on Sep 27Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/eacaa12336f50f1c395663fba92a4d32.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bingle.b Vulnerability: Weak Hardcoded Credentials Description: The malware is packed using ASPack 2.11, listens on TCP port 22 and requires authentication. However, the password "let me in" is weak […]
- SEC Consult SA-20220923-0 :: Multiple Memory Corruption Vulnerabilities in COVESA (Connected Vehicle Systems Alliance) DLT daemon September 27, 2022Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 27SEC Consult Vulnerability Lab Security Advisory < 20220923-0 > ======================================================================= title: Multiple Memory Corruption Vulnerabilities product: COVESA DLT daemon (Diagnostic Log and Trace) Connected Vehicle Systems Alliance (COVESA), formerly GENIVI vulnerable version:
- Backdoor.Win32.Hellza.120 / Authentication Bypass September 20, 2022Posted by malvuln on Sep 19Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Authentication Bypass Description: The malware listens on TCP ports 12122, 21. Third-party adversarys who can reach infected systems can logon using any username/password combination....
Customers
Twitter FEED
Recent activity
-
SecureOnlineDesktop
Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
-
SecureOnlineDesktop
Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
-
SecureOnlineDesktop
Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF
Newsletter
Products and Solutions
Partners
Cloud Models
News
- The SOAR benefits: simplifying investigation and response April 18, 2022
- Security Code Review: How the service works April 13, 2022
- Integration of the automated response: the automations in SOCaaS April 11, 2022
- Coordination between CTI and SOC: how to further raise the defenses April 6, 2022
- New Cloud Server: redundant internet March 23, 2022
Google Reviews
About
Copyright © 2011 Secure Online Desktop s.r.l. All Rights Reserved.
VAT: 07485920966 “Cloud Computing services - Software cloud - Cloud server - VPS” Terms of ServicePrivacy Policy
ISO Certifications