|Security Focus tells us more about
"As you are about to find out, the answer is very simple: honeypots are a simple, cost-effective way to detect illicit, unauthorized activity. This article will examine the role of detection in the overall security strategy. It will then discuss some traditional detection approaches as well as some problems inherent in those approaches. It will then show how honeypots effectively overcome those problems, thereby strengthening the detection component of the security strategy."
( Permalink: Honeypots: Simple, Cost-Effective Detection Submitted by Noel Fri May 2, 2003 )
|Guide To Using Snort For Basic Purposes|
|"A few months ago I was presented with a task of creating a secure DMZ with Linux servers in it, since I am not a Linux guru yet, I wanted to research different programs and told that I can use to monitor, filter, traffic, as well as some other programs, but it doesn't matter right now. By my friend's recommendation I decided to look into snort as an IDS (Intrusion Detection System). In the following essay I will tell you about writing rules and alerts for snort. I went through a lot of reading and nights of trying to configure it, and playing around with it, and I think that if material was presented in a slightly different fashion if could of made the life of snort users much easier, and so here is some basic information first."
( Permalink: Guide To Using Snort For Basic Purposes Submitted by Dr.T Thu May 1, 2003 )
|If I Had My Own Distro...|
|Adam Scheinberg writes an interesting editorial explaining what he would do if he was a developer and he had a Linux distribution. His suggestions are pretty radical, and in places resembles of what Apple had done to MacOSX with the help of BSD as the underlying technology. But if this is what it takes to get Linux into the next level, it might worth the consideration.|
( Permalink: If I Had My Own Distro... Submitted by Anonymous Thu May 1, 2003 )
|Taking Samba Beyond POSIX|
|The Australian hacker has been working on pushing Samba beyond the POSIX world and figuring out what work needs to be done to get Samba to support new filesystems such as XFS, ext3, and Storage Tank. The answer is nothing less than a complete rewrite of Samba's smbd code, which has become his latest pet project. Here's an interview with Andrew Tridgell on his latest Samba rewrite.|
( Permalink: Taking Samba Beyond POSIX Submitted by Anonymous Thu May 1, 2003 )
|The Must-Fix List For 2.6.0|
|Andrew Morton posted a lengthy list of items that need to be done before the 2.5 development kernel tree should be turned into the 2.6 stable kernel tree. He prefaced his list by noting that 2.6.0 does not mean, "it's finished, ship it", alternatively offering, "I'd propose that 2.6.0 means that users can migrate from 2.4.x with a good expectation that everything which they were using in 2.4 will continue to work, and that the kernel doesn't crash, doesn't munch their data and doesn't run like a dog. Other definitions are welcome."|
( Permalink: The Must-Fix List For 2.6.0 Submitted by Jeremy Andrews Thu May 1, 2003 )
|Professional Apache Tomcat|
|Unix Review reviews the book:
Professional Apache Tomcat.
"The Java servlet is the preferred technology our industry has chosen "for extending the functionality of a Web server and for accessing existing business systems", in the words of Sun's Java cheerleaders. To provision your development teams with the best open source servlet engine, you need the information in Professional Apache Tomcat."
( Permalink: Professional Apache Tomcat Submitted by Noel Wed Apr 30, 2003 )
|Introduction to Simple Oracle Auditing|
|Security Focus brings us:
Introduction to Simple Oracle Auditing.
"This article will introduce the reader to the basics of auditing an Oracle database. Oracle's RDBMS is a functionally rich product and there are a number of auditing alternatives available to the reader. Because auditing Oracle is such a huge subject, doing all of it justice would take an entire book, so this paper will cover the basics of why, when and how to conduct an audit. It will also use a couple of good example cases to illustrate how useful Oracle audit can be to an organization."
( Permalink: Introduction to Simple Oracle Auditing Submitted by Noel Wed Apr 30, 2003 )
|O'Reilly brings us:
"As a result, most professional programmers have to deal with badly designed, badly implemented, uncommented, incomprehensible blobs.
The art of digging through ancient code is called electronic archaeology and this article discusses some of the tools you can use to make your job easier."
( Permalink: Electronic Archaeology Submitted by Noel Wed Apr 30, 2003 )
|Textmaker for Linux Reviewed|
|DeskTopLinux takes a look at
Textmaker for Linux.
"SoftMaker is just a week or so away from the official release of the first component in their Office Suite, the word processor, TextMaker for Linux. DesktopLinux.com reviews their latest beta release to determine how the product performs in real world use. The product promises to deliver true Microsoft Word functionality for the LinuxOS."
( Permalink: Textmaker for Linux Reviewed Submitted by Noel Wed Apr 30, 2003 )
|SuSE 8.2 Pro Vs Red Hat Linux 9 in Desktop Usage|
|Aki Kolehmainen is an engineer working for a Finnish IT company. His company is using Red Hat Linux for all their activities since last year. Recently, they threw in the mix SuSE 8.2 PRO, and they are considering it as an alternative or as a replacement to Red Hat Linux 9. Aki writes down his thoughts on SuSE Vs Red Hat and how do they compare for his needs.|
( Permalink: SuSE 8.2 Pro Vs Red Hat Linux 9 in Desktop Usage Submitted by Anonymous Tue Apr 29, 2003 )
|Nicholas Petreley on Linux Developers|
|Evans Data Corp's 2003 Linux Developer Survey is out, and this year Evans brought in Nicholas Petreley -- long-time Linux observer, founding editor of LinuxWorld.com, and contributing editor for InfoWorld -- to analyze the survey results. To get some perspectives on what the survey tells us about Linux developers' likes and dislikes, take a look at this interview.|
( Permalink: Nicholas Petreley on Linux Developers Submitted by Anonymous Tue Apr 29, 2003 )
|SCO Clears Linux Kernel but Implicates Red Hat|
|Will Red Hat and SuSE be drawn into the SCO v. IBM fracas? In an informative interview SCO-Caldera's Chris Sontag tells MozillaQuest.com's Mike Angelo there is SCO-owned code in Red Hat and SuSE Linux and no tainted code in the "Linux kernel that Linus [Torvalds] and others have helped develop." SCO's Sontag discusses whether the Linux kernel, GNU/Linux operating system, Linux distributions, or Linux applications are involved in the alleged IBM misconduct, which Linux distributions are involved, and how they are involved. It appears that SCO-Caldera is laying the groundwork for copyright infringement claims against Red Hat and SuSE. The Caldera v IBM lawsuit is as much a fishing expedition as it is a serious claim for damages from IBM.
Check MozillaQuest.com for the full story and links!
( Permalink: SCO Clears Linux Kernel but Implicates Red Hat Submitted by Anonymous Tue Apr 29, 2003 )
|Interview with Professor David Costa|
|There is a Linux distro for any possible need and CollegeLinux is geared towards students and schools! Today, OSNews interviews Prof. David Costa of the Robert Kennedy College in Delémont, Switzerland regarding their initiative behind CollegeLinux.|
( Permalink: Interview with Professor David Costa Submitted by Anonymous Mon Apr 28, 2003 )
|Linux Network Servers|
|Unix Review looks at the book:
Linux Network Servers.
"I'm glad to say, however, that this book was a much more rewarding read. Written by the series' namesake, it's a bit more on-target and contains a good overview of network services for Linux. It's not perfect, but the book contains a lot of good information and is well written."
( Permalink: Linux Network Servers Submitted by Noel Mon Apr 28, 2003 )
|Red Hat Network's Upgrade to Red Hat 9|
|Linux World tells us about
Red Hat Network's low-cost upgrade to Red Hat 9.
"I decided to put my Red Hat Network subscription to greater use. I normally use RHN to run up2date at least weekly so I can keep up with the latest security fixes and updates. This week, I decided to download the iso images of 'shrike' (Red Hat's code-word for its new release) and upgrade my desktop from Red Hat 8 to Red Hat 9."
( Permalink: Red Hat Network's Upgrade to Red Hat 9 Submitted by Noel Mon Apr 28, 2003 )