|HNS reviews the book:
Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses.
If you're in charge of the security of a network or just a security enthusiast, you'll find this book of great value. The specific tools and techniques described in this book are more valuable than just theory presented in other publications.
( Permalink: Book Review - Counter Hack Submitted by LogError Thu Feb 13, 2003 )
|PDAs, Anyone? Linux Arena Almost Abounds|
|Linux Planet reports on
"Just a couple of years ago, you'd be hard pressed to find a laptop pre-installed with Linux. no matter where you looked. At last month's LinuxWorld show, though, there were multiple displays of even smaller Linux-enabled devices. Locations of the Linux PDAs included booths of hardware heavyhitters IBM, AMD and Sharp. IBM used LinuxWorld as a launch platform for its PowerPC 405LP PDA reference design. The new design calls for a palm-sized handheld based on IBM's PowerPC chips."
( Permalink: PDAs, Anyone? Linux Arena Almost Abounds Submitted by Noel Wed Feb 12, 2003 )
|SuSE OpenExchange: More Than a Mere Mail Server|
|Nice review of the next incarnation of SuSE's Linux eMail Server. OpenExchange is a direct shot at MS Exchange, with what I think are superior features and usability. "No one needs a server this sophisticated for merely distributing emails across the network. The heart of OpenExchange is the PostgreSQL database. Documents are stored as database objects, rather than simply copied over via Samba. This doesn't matter to users, of course, who see standard directory trees and have a nice GUI to click and drag through. Items are hyperlinked for easy organization and retrieval and for conserving disk space -- there's no need to create endless multiple copies of files for distribution."
( Permalink: SuSE OpenExchange: More Than a Mere Mail Server Submitted by Alice Sysadmin Wed Feb 12, 2003 )
|Getting RANCID on FreeBSD|
|Daemon News talks about using
"RANCID - Really Awesome New Cisco confIg Differ - is a configuration management tool for Cisco routers and Catalyst switches, as well as equipment from Alteon, Bay Networks, Extreme, Force 10 Networks, Foundry, HP, Juniper and Redback. It works by periodically connecting to your device (telnet, SSH, or rlogin) and recording the configuration. Any differences are flagged using diff and emailed to you and saved in CVS."
( Permalink: Getting RANCID on FreeBSD Submitted by Noel Wed Feb 12, 2003 )
|Linux Kernel Problems|
|In this weeks
Security Alerts, we look at problems in the Linux kernel, Kerberos, dchp3, the Blade encoder, WebSphere Advanced Server, SpamAssasin, OpenBSD's chpass, Red Hat Linux 8.0's kernel-utils package, w3m, Window Maker, and HPUX's wall. |
( Permalink: Linux Kernel Problems Submitted by Noel Wed Feb 12, 2003 )
|Book Review - Managing Information Security Risks|
|This book provides a powerful documentation on CERT/CC's Operationally Critical Threat, Asset, and Vulnerability Evaluation. It offers all the information you need to know while thinking about or starting the implementation of the OCTAVE into your organization.
( Permalink: Book Review - Managing Information Security Risks Submitted by LogError Wed Feb 12, 2003 )
|Mandrake Linux Corporate Server 2.1|
MozillaQuest Magazine (mozillaquest.com) reports: "Mandrake . . . Linux Corporate Server 2.1 . . . 'offers all the tools needed to create a full-featured enterprise network, complete with the latest up-to-date software and security updates.' MandrakeSoft also produces and distributes Mandrake Linux 9.0 . . . The Mandrake Linux PowerPack and Standard editions are designed for individual users, and the ProSuite Edition is created for small and medium-sized enterprises . . . Mandrake Linux Corporate Server 2.1 'is a comprehensive and versatile Linux solution that provides large accounts with critical business server functions . . . The Corporate Server includes MandrakeClustering tools.'"
Check MozillaQuest.com for the full story and links!
( Permalink: Mandrake Linux Corporate Server 2.1 Submitted by Anonymous Tue Feb 11, 2003 )
|Creating Your Own CA|
|On Lamp tells us about becoming our own
"Well-known Certificate Authorities (such as Thawte and VeriSign) exist to serve as authoritative, trusted third-parties for authentication. They are in the business of signing SSL certificates that are used on sites that deal with sensitive information (like account numbers or passwords). If a site's SSL certificate is signed by a trusted authority, then presumably it is possible to verify the identity of a server supplying that certificate's credentials."
( Permalink: Creating Your Own CA Submitted by Noel Tue Feb 11, 2003 )
|The Linux Kernel's Next Incarnation|
|Newsfactor tells us about
"Steve Neuner, Linux engineering director at SGI, told NewsFactor one area that is being improved greatly is the Linux scheduler. The scheduler handles
running tasks, deciding which processors to run them on and what
priority each task should get. Although the existing scheduler is
sufficient for machines with one and two processors, Neuner said new
enhancements will help avoid having tasks "hopping around between
a lot of different processors."
( Permalink: The Linux Kernel's Next Incarnation Submitted by Noel Tue Feb 11, 2003 )
|Barton: Athlon XP with 512 KB L2 Cache|
|Today AMD has introduced a new Athlon XP featuring a 512 KB L2 cache, double that of previous Athlon XPs. Due to the performance improvement associated with the cache, the chip is rated at 3000+, despite being clocked slightly slower (2.17 GHz) than the Athlon XP 2800+ (2.25 GHz). How do these claims stack up? Ace's Hardware has a review that answer's this, by benchmarking the chip in a number of both gaming and professional applications, including 3D Studio Max, AutoCAD, Lightwave, Photoshop, UT2003, Battlefield 1942, and more.|
( Permalink: Barton: Athlon XP with 512 KB L2 Cache Submitted by Brian Neal Tue Feb 11, 2003 )
|Freeing the Filesystem from Itself|
|OSNews features an interesting article, discussing the possibility for a new, free-form filesystem which would use metadata extensively, and it would eliminate the need of a hierarchical structure. The files wouldn't even need a filename or a directory to be saved on. Furthermore, no centralized directory would need to exist; all information for a section of the disk could be stored at the head of the section like ext2 and could be easily recovered and indexed at boot time. Files would be retrieved by the user with the help of an intelligent search mechanism. The author also advocates a way of freeing files from their filetypes. Maybe this filesystem in conjuction with an OS like this one, could create some real innovation in personal computing.|
( Permalink: Freeing the Filesystem from Itself Submitted by Gentu Tue Feb 11, 2003 )
|SCO-Caldera & the GNU/Linux Community|
|SCO's Blake Stowell, MozillaQuest Magazine's (mozillaquest.com) Mike Angelo, and others discuss SCOsource intellectual property (IP) issues. At issue are libs owned by the SCO Group (formerly Caldera) that allow UNIX applications to run on . . . Linux."
Issues discussed: "(1) Are the subject SCO libraries . . . public domain software? (2) Are the subject SCO-Caldera libraries included in any current, major Linux Distributions? (3) What libraries are included in the SCO intellectual property (IP) claims? (4) What applications require the SCO-Caldera IP libraries? (5) What are the impact and effect of the SCO IP licensing and enforcement on the Linux community? . . . Could SCO's IP licensing and and enforcement endeavors find SCO locking horns with the GNU/Linux, Linux, free software, and open source communities? Could SCO get into intellectual property battles with Apple, Microsoft, or other UNIX providers such as HP, IBM, or Sun?"
Check MozillaQuest.com for the full story and links!
( Permalink: SCO-Caldera & the GNU/Linux Community Submitted by Anonymous Mon Feb 10, 2003 )
|Tale of Two Stories|
|Linux Journal talks about
Google and Linux.
"Google has achieved maximum Linux irony by becoming
the only commercial enterprise to leverage enormous quantities of free
software (10,000+ Linux servers at last count) into de facto web infrastructure: private enterprise as public utility.
Irony or not, Google is a major Linux success story."
( Permalink: Tale of Two Stories Submitted by Noel Mon Feb 10, 2003 )
|Peace, Love and Lycoris|
|'Flower Power' was the mantra of a generation in the 1960s. That metaphor takes on a whole new meaning as DesktopLinux.com interviews Lycoris executives, CTO Joseph Cheek and marketing guru Jason Spisak about Lycoris' Linux desktop. The in-depth talk focuses on the company's strategy, open source philosophy, how it compares to Microsoft's Windows XP, and how Lycoris is shaping the future of Desktop Linux for the consumer today . . .
Read full story
( Permalink: Peace, Love and Lycoris Submitted by har Mon Feb 10, 2003 )
|SunScreen, Part Two: Policies, Rules, and NAT|
|Security Focus brings us:
SunScreen, Part Two: Policies, Rules, and NAT.
"SunScreen is Sun Microsystem's firewall product and provides a variety of features that allow system and network administrators to secure their networks as well as provide for remote access capabilities. This article will cover the some of the rudimentary facilities in SunScreen such as adding and removing rules, setting up a remote management station, and network address translation."
( Permalink: SunScreen, Part Two: Policies, Rules, and NAT Submitted by Noel Mon Feb 10, 2003 )