Software I came across this year.

Mac

Transmit

Because Cyberduck wasn’t adequate. The scrolling is very slow as well as sometimes it fails to save the file when directly editing files remotely.

This one is very lightweight, fast and can edit files directly via SCP no problem with good design and has no obvious flaws. For a software to use for work, $40 is a good deal.

GitX

Many distributed version control system came out at once and while I liked the philosophy of Bazaar as trying to be user friendly, Git basically took the market acceptance the widest. Possibly due to the fact it’s being used for Linux and the developers around it. Mercurial and Bazaar no longer even really show up on IT news as of late.

In order to commit the work, command line usually suffices but to look at the histories in any meaningful way, a GUI can really shine and this is a lightweight app and does what I want it to pretty well.

Little Snitch

In summary, this is a ‘reversed’ firewall. Typical firewalls block connections from outside, but this blocks connections going to outside from the computer. This can block automatic updates and software that tries to send analytical information without an easy way to avoid it completely. If you do not wish your computer to communicate to outside sources without you knowing, this can be a good way to stop them. It may also be able to block malicious communication once the computer has a virus.

If you are paranoid, this can also stop all of those software updates and everything when you take your computer to public networked locations such as internet cafe where  other people may be monitoring the network and may know that a seat may have a Mac due to the content of your computer’s network communication… €29.95

Viscosity

Have used this from some years back, but posting it anyway as this post is the first of the kind.

This is an OpenVPN client. Typically, TunnelBlick is usually favored to be used as being an opensource free client and I assume it’s quite stable and featureful as of now, but this one has a slick design. And it’s only $9.

OpenVPN is a very well designed software in my opinion. Other VPN solution such as IPSec takes forever for people to accept its complication but this is done in a very simple manner by using just a single TCP port to establish VPN. And it’s an opensource application distributed freely which does not have all the pluses/extras/etc bundles to make redundant ‘business’ features which only slows everything down. Last time I checked, I think it also has a very interesting feature which lets OpenVPN to listen on TCP port 443 and if the protocol received is OpenVPN protocol, it will do the VPN job but if it’s HTTP (SSL) then it will redirect the connection to the backend web servers.

Lingon

This controls the tasks and background jobs started automatically. This can stop apps such as Google Chrome to stop checking for updates automatically without any obvious way to turn it off.

This app suddenly became a shareware as soon as App Store got opened by Apple recently but I guess the last version is still available as free open source downloadable app from SourceForge.

Windows

CCleaner

Popular system cleaner. Does the job well.

Adobe Reader X

Adobe Reader only went to become bloatware for a while and I have been using Foxit Reader in place but I guess they rethought about it and made it lighter and I’ve just switched it back.

Server

fail2ban

This will block accesses automatically who fails connection attemps such as SSH consecutively against a certain threshold. A nice saver for server admin. It can also have rules against postfix and such. Making wrong configuration to block SSH entirely could be a p.i.t.a.

Before using this I used to throttle SSH connection for users to be able to connect only once every 30 seconds but in that case people in the same office (with same IP) or some script trying to ‘rsync’ over SSH consecutively can be a little concern and as such, using this daemon is a better choice.

ack-grep

Niftier ‘grep’. It can only search through registered file types and thus can search quickly. Written in perl. The domain name is cool :)

zsh

I used to be using ‘bash’ and I had time when I was satisfied with it. But zsh’s auto completion can be a real typing saver. When it auto completed database names against ‘mysql’ commands and when I had PKI auth set up against ‘scp’ command and it auto completed remote server’s directory I was about to fall off the chair. It has a lot more than that but I haven’t caught up with all of the nifty stuff yet.

unbound

It is said to be better security-wise to separate answering own domain and looking up others’ domain through BIND and this only works as a resolving daemon. I like its simplicity and lightweight footprint and typically install one on every localhost.

nsd

Only returns DNS information of its own domain and does not do any resolving. This can be used as a replacement against BIND who seems to come up with security problems every now and then. Some root servers operate on this. It’s good when BIND’s DNS zone configuration files can be used unmodified.

Not sure why when BIND is told to listen to all of the interfaces, it tries to bind to every IP instead of globally. It will become a problem when interfaces come and go dynamically.

deborphan

When installing packages such as ‘rails’, it will install ‘ruby’, ‘gem’ and others but when deleting ‘rails’ it may leave some packages left installed and when you want to clean them all, this command can pick them up and by applying against ‘apt-get remove/purge’ they can easily be removed.

openntpd

I have been using this for about 5 years because ntp daemon’s configuration looks like a big incomprehensible mess… I do not care about drift, control port or any of that stuff as long as the daemon just settles the system’s time under a second’s accuracy. And OpenNTPd is supposed to do just that.

rsnapshot

Probably have been using this for over a few years.

This tool is very efficient for backing up data. rdiff-backup does a binary diff or some sort and it can store efficiently in terms of storage usage but then again, retrieving the data out will be a little pain to do as you cannot simply read them off from the underlying file system. ‘rsnapshot’ uses hard link for storing identical files for all the backup directory hierarchy, which saves space at the same time making it easy to manipulate them by regular means on the file system. I typically send data off from servers to a concentrated backup server and use rsnapshot on it to create chronological history of data.

The best way to take a reliable backup is via file system snapshot which can retrieve data at any given moment and does not take any extra space but Linux doesn’t have zfs and btrfs isn’t coming out at all and ext4 is just so normal… This still seems nothing as well.

vnstat

It’s very effective to calculate the server’s bandwidth. PHP frontend can show you the in and out usage with a pretty graph. It’s really valuable these days where cloud vendors charge you with the amount of bandwidth used.

unattended-upgrades

Perhaps have been using it for the last few years.

This will automatically install security updates on servers. This seem like pretty obvious feature that every server OS should have but it’s only Ubuntu who will ask to do this at installation. People say installing updates automatically is bad as it can break stuff, but it is only a matter of what to install and installing security updates automatically can prevent zero-day attacks as well. Updates including new features can just be added manually at the right time.