ClearOS: Linux Server for Small Business
ClearOS (formerly ClarkConnect) is a Linux distribution, with the aim of transforming any standard PC into a dedicated firewall and Internet server / gateway. The software is a solution for small businesses, home offices and networked homes. ClearOS is based on CentOS and offers a very robust set of tools organized in easy to navigate administration pages.
Small business and servers
Small business data centers often rely on one-size-fits-all solutions for standard problems. Because’? They save on costs. Within the Linux world, there are a number of exceptional server software that can help power a business in ways that aren’t always considered.
The problem with small businesses that use Linux can often come in the form of distribution complexity. While Linux has come a long way in terms of ease of use, there can sometimes be an additional level of complexity when it comes to server software. This additional learning curve is very often easily overcome by anyone with a moderate level of computer skills. Note that for anyone who has used Linux before, this is generally a breeze.
But then, who needs a data center solution, without the burden of a high-level IT expert on hand, who could they turn to? One solution is ClearOS.
What is ClearOS
According to the presentation material of the distribution:
“ClearOS is a simple, open and affordable operating system, with an intuitive web-based graphical user interface and a marketplace with over 100 applications to choose from, with more being added every day. By leveraging open source software, you decide which apps you need and only pay for the apps and support you want. “
To verify that these statements respect reality and check that ClearOS is indeed an interesting solution, let’s see the details together.
First, you need to choose between the versions of the operating system. In fact, ClearOS offers three different platform distributions:
– Community: the free edition of ClearOS
– Home: Ideal for home offices
– Business: Ideal for small businesses, thanks to the inclusion of paid support
To find out the differences of each edition, you can consult the ClearOS function matrix here. There are also the prices on the page which, after all, are contained for the proposed service.
There is really no need to talk about the ClearOS installation process, as it is incredibly simple. If you’ve ever installed Linux, you won’t have any problems with ClearOS.
I wanted to test it with a VirtualBox on my personal computer, and in just 20 minutes I had a working virtual machine with ClearOS ready. The installation time includes the post-installation wizard and the first updates.
Once you have completed the basic installation, post-installation wizard and updates, all done from within an incredibly well-designed web interface, you are ready to start adding applications from the ClearOS Marketplace, which is ‘where the platform really shines.
Taking a look at the process of adding applications to the ClearOS server, it is evident how easy this ecosystem is to use. Once we are done with the initial setup, we are on the “ClearOS Marketplace Getting Started” page. From this screen it is possible to manage the application selection and installation process.
The operating system also comes with a couple of preconfigurations to choose from. In any case, you will have the possibility to choose through the selection of applications / services to be installed on the ClearOS server.
Available features include:
– Firewall, Networking and Security:
– Network: the firewall restricts access to systems and provides advanced features, including DMZ, NAT 1 to 1 and Port Forwarding
– Protocol: Peer-to-Peer discovery system allows you to manage the use of peer-to-peer file sharing
– Application: Intrusion Detection and Intrusion Prevention systems provide an additional layer of defense against threats to your network.
– Virtual Private Networking
– Web Proxy and Content Filter
– Email, including Webmail
– Database and Web Server
– File and print services
Some of the apps are free, while others have a cost. You have to consult the list of available apps to see if any of these apps / services meet your needs and fit your budget. Once you have selected all the applications you want to install, you can proceed with the installation.
At this point you are ready to configure the custom dashboard. If you don’t want to worry about customizing the dashboard, you can use the default one. The dashboard allows you to select what you want to view through practical drop-down menus. It is also possible to immediately start configuring newly installed applications.
One remarkable thing is that ClearOS has made configuring the LDAP service extremely easy. Normally this process can be quite a headache, but ClearOS has found a way to make it as painless as possible.
The function of ClearOS
One thing not found on ClearOS is a tool for creating a server environment like that of a Microsoft Small Business Server or its successor Windows Server. So, using applications like MS Office, via Terminal Server, will not work. But you can always install the Dropbox app for free and use their Paper Server. This, of course, is not a real alternative for a full office suite, but it is still a partial solution.
However, this is not the point of ClearOS, as the intent is more to serve a business-class server that can help protect and expand a small business network. In other words, if you are looking for an incredibly simple firewall to set up and manage, VPN, DNS, DHCP, and a well-rounded general network appliance, ClearOS is exactly what you need. If you are looking for something to replace a Samba server, ClearOS is not the solution.
ClearOS can be found among the standard SOD templates and you can then install your own VPS with ClearOS in a few seconds.
- The SOAR benefits: simplifying investigation and response
- Security Code Review: How the service works
- Integration of the automated response: the automations in SOCaaS
- Coordination between CTI and SOC: how to further raise the defenses
- New Cloud Server: redundant internet
- Quality certificate for the SOCaaS of SOD
- Managed Detection and Response: a new preventive approach
- CLUSIT: our collaboration for better services
- Backup as a Service (17)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (21)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (15)
- Security (170)
- Web Hosting (15)
- Forescout Launches Forescout Frontline to Help Organizations Tackle Ransomware and Real Time Threats May 25, 2022New threat hunting and risk identification service provides organizations with an enterprise-wide baseline of their threat landscape and risk exposure.
- Is Your Data Security Living on the Edge? May 25, 2022Gartner's security service edge fundamentally changes how companies should be delivering data protection in a cloud and mobile first world.
- Interpol's Massive 'Operation Delilah' Nabs BEC Bigwig May 25, 2022A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.
- JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks May 25, 2022Open source software community initiative utilizes blockchain technology.
- Mastercard Launches Cybersecurity “Experience Centre” May 25, 2022Experience Centre features emerging Mastercard products and solutions for securing digital payments on a global scale, including those developed locally in Vancouver.
- Qualys to Unveil VMDR 2.0 at Qualys Security Conference in San Francisco May 25, 2022Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.
- Corelight Announces New SaaS Platform for Threat Hunting May 25, 2022Corelight Investigator aids threat hunting and investigation through intelligent alert aggregation, built-in queries and scalable search
- Cybersecurity-Focused SYN Ventures Closes $300 Million Fund II May 25, 2022Cylance co-founder Ryan Permeh has joined full time as an operating partner.
- Vishing Attacks Reach All Time High, According to Latest Agari and PhishLabs Report May 25, 2022According to the findings, vishing attacks have overtaken business email compromise as the second most reported response-based email threat since Q3 2021.
- Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message May 25, 2022Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.
- Disclosing Vulnerability of CLink Office 2.0 May 23, 2022Posted by chan chan on May 23Dear Sir/Madam, I would like to submit a vulnerability found on CLink Office 2.0. I had contacted the vendor 60 days before but in vain. # Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console # Date: 30 Mar 2022 # Exploit Author: […]
- [tool] tplink backup decryptor. May 23, 2022Posted by retset on May 23Yet another "tool" to decrypt a backup configs for some tplink wifi routers. Only tested on latest fw for "Archer C7". I hope that it will be useful for someone. https://github.com/ret5et/tplink_backup_decrypt_2022.bin
- SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP® Application Server, ABAP and ABAP® Platform (Different Software Components) May 18, 2022Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 18SEC Consult Vulnerability Lab Security Advisory < 20220518-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: SAP® Application Server ABAP and ABAP® Platform (Different Software Components) vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security notes...
- PHPIPAM 1.4.4 - CVE-2021-46426 May 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-03/2022 ]========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents ]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability […]
- LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 May 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-12/2021 ]========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability...
- Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! May 18, 2022Posted by malvuln on May 18Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! https://www.youtube.com/watch?v=eg3l8a_HSSU
- github.com/malvuln/RansomDLLs / Catalog of current DLLs affecting vulnerable Ransomware strains. May 18, 2022Posted by malvuln on May 18Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I have used successfully to hijack and intercept vulnerable strains executing arbitrary code pre-encryption. https://github.com/malvuln/RansomDLLs
- APPLE-SA-2022-05-16-2 macOS Monterey 12.4 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-2 macOS Monterey 12.4 macOS Monterey 12.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213257. AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed […]
- APPLE-SA-2022-05-16-6 tvOS 15.5 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-6 tvOS 15.5 tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254. AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel […]
- APPLE-SA-2022-05-16-5 watchOS 8.6 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-5 watchOS 8.6 watchOS 8.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213253. AppleAVD Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free […]
Security Awareness, la sicurezza aziendale parte dai dipendenti. L'ingegneria sociale fa spesso leva sull'ignoranza… https://t.co/nGAs70Ofn5
Torna all'inizio Scopri i nostri servizi di Cyber SecurityTroverai sicuramente quello che fa al caso tuo Se vuoi m… https://t.co/Emm5kUfFc4
Estimated reading time: 6 minutes Today we see one of the latest additions to our SOCaaS, the Autonomous Threat… https://t.co/QNvHnKbEqq
Estimated reading time: 6 minutes The Security Code Review (SCR) service is increasingly used by companies l… https://t.co/rJmYXr1oCj
Estimated reading time: 6 minutes Il servizio di Security Code Review (SCR) è sempre più utilizzato dalle aziende… https://t.co/g2ho2C8FYh