|On Lamp takes a look at the
"Let's take a look at that output. You'll note that three separate key pairs were generated: one for rsa1, one for rsa, and one for dsa. You should recognize the RSA and DSA acronyms from the last article on cryptographic terms. But why so many key pairs? There are two versions of the SSH protocol, and OpenSSH supports them both. Not surprisingly, the rsa1 keypair is used by SSH version 1. You can see from the output that ssh2 (version 2) supports both RSA and DSA."
( Permalink: The SSH Cryptosystem Submitted by Noel Mon Nov 18, 2002 )
|TriSentry, a Unix Intrusion Detection System|
|On Lamp tells us about
"Intrusion detection isn't anything new. Throughout the history of computer networking, administrators have worked to find ways of tracking system security breaches and identifying the culprits behind them. Network administrators have a wide range of sophisticated tools to improve auditing, and to report and block intrusion. The TriSentry suite, from Psionic Technologies, is one such free tool."
( Permalink: TriSentry, a Unix Intrusion Detection System Submitted by Noel Mon Nov 18, 2002 )
|Top Five Open Source Packages|
|On Lamp brings us:
Top Five Open Source Packages for System Administratorsa.
"This is the third installment of a five-part series in which I introduce my current list of the most useful and widely applicable open source administrative tools. In general, these tools can make your job easier, no matter what Unix operating system your computers run."
( Permalink: Top Five Open Source Packages Submitted by Noel Fri Nov 15, 2002 )
|Structured Editing in Emacs|
|Linux Guru talks about
structured editing in Emacs.
"This article focuses on the use of Emacs to edit SGML mark-up and it's derivatives like XML and HTML. If you have never used Emacs or dislike it for some reason, don't worry I did too. I always wondered what people could see in such a complicated and unfriendly thing. Nevertheless, when I started writing in Docbook, I immediately realized I needed a tool far more sophisticated than a pretty and colorful text editor."
( Permalink: Structured Editing in Emacs Submitted by Noel Fri Nov 15, 2002 )
|Clustering the Basics|
|This tutorial has been updated to include information about the latest IBM clustering models. Clustering boils down to two concepts: availability and fast response. At the end of this tutorial, you'll know what clusters are, and how to achieve high availability, failover, redundancy, and replication. You'll also understand resiliency, load balancing, CSM, and resource sharing. This tutorial takes about half an hour to complete. (Free registration required - Noel)|
( Permalink: Clustering the Basics Submitted by Anonymous Fri Nov 15, 2002 )
|Film Gimp - Lights, Camera, Linux!|
|Desktop Linux takes a look at
"Film Gimp is a tool for retouching motion pictures frame by frame. A typical application is removing dust marks after film is digitized. Scanning the negative is the first step in post-production, and the scans must be cleaned up to remove dust and scratches. Film Gimp also is used to eliminate wires when actors are being flown in wire rigs."
( Permalink: Film Gimp - Lights, Camera, Linux! Submitted by Noel Fri Nov 15, 2002 )
|3.06 GHz Pentium 4 with HyperThreading|
|Ace's Hardware has a new review of the new 3.06 GHz Pentium 4. The new CPU features HyperThreading, otherwise known as Simultaneous Multithreading or SMT. SMT allows the processor take advantage of thread-level parallelism present in multithreaded applications or multiple concurrent running processes by executing instructions from both threads simultaneously. To the OS, a SMT-capable processor appears as two or more logical processors (two in the case of the Pentium 4) that multiple threads can be scheduled on. Though this does not provide double the performance, it does allow the processor to be utilized more efficiently...increasing overall performance/clockrate.|
( Permalink: 3.06 GHz Pentium 4 with HyperThreading Submitted by Brian Neal Fri Nov 15, 2002 )
|Linus Torvalds Answers 10 Goofy Questions|
|Linux World brings us:
Linus Torvalds answers 10 goofy questions.
"Never fear, my dweebs. Here are ten questions that Doc Searls, Phil Hughes and the rest of the gang really wanted answered on that cruise but were afraid to ask."
( Permalink: Linus Torvalds Answers 10 Goofy Questions Submitted by Noel Thu Nov 14, 2002 )
|Running Zebra on a Unix Machine|
|On Lamp tells us how to
run Zebra on a Unix machine.
"Zebra closely mimics Cisco IOS behavior, even in cases where this behavior is largely arbitrary. Let me give you an example. BGP routes can have a metric, or "Multi Exit Discriminator" (MED), to use the right term. In other routing protocols, such as OSPF, the metric is the primary mechanism to select routes: the one with the lowest metric is preferred."
( Permalink: Running Zebra on a Unix Machine Submitted by Noel Thu Nov 14, 2002 )
|Tool of the Month: K3b|
|Unix Review takes a look at
"Linux has had a few GUI programs for CD burning, but they weren't quite as user-friendly as their counterparts on other platforms. I had been using X-CD-Roast for audio CDs or just using cdrecord directly for burning ISO images. I'm pretty sure those days are over, though. When I installed SuSE 8.1, K3b was one of the gobs of programs that came with the Professional Edition, so I installed it. I'm glad that I did; it's quite a nice program."
( Permalink: Tool of the Month: K3b Submitted by Noel Thu Nov 14, 2002 )
|Trojan Found in libpcap and tcpdump|
|Members of The Houston Linux Users Group discovered that the newest sources of libpcap and tcpdump available from tcpdump.org were contaminated with trojan code. HLUG has notified the maintainers of tcpdump.org. Read more at Help Net Security.|
( Permalink: Trojan Found in libpcap and tcpdump Submitted by LogError Thu Nov 14, 2002 )
|The Unix Auditor's Practical Handbook|
|Just found this on the BugTraq mailing list: The Unix Auditor's Practical Handbook, a concise guide to auditing Unix systems. It's written for Solaris, but there's lots that's applicable to other systems.|
( Permalink: The Unix Auditor's Practical Handbook Submitted by Saint Aardvark Thu Nov 14, 2002 )
|The FBI's Top 20 List|
|Linux World talks about what is on the
FBI's top 20 list.
"The list is misleading in that many readers and editors would have seen this as an FBI certification of the relative equality of security problems between systems running Microsoft Windows and those running Unix."
( Permalink: The FBI's Top 20 List Submitted by Noel Wed Nov 13, 2002 )
|Complete Snort-based IDS Architecture, Part One|
|Security Focus tells us about building a
complete Snort-based IDS architecture.
"The intrusion detection platform discussed in this paper will be based on Debian GNU Linux OS, Snort network IDS, MySQL database, and ACID analysis console. Debian is entirely free software that may be used under GNU General Public License. Of course, one can use any Linux system, as they generally differ from each other only by package format and start-up scripts hierarchy."
( Permalink: Complete Snort-based IDS Architecture, Part One Submitted by Noel Wed Nov 13, 2002 )
|Miscellaneous Unix Tips II|
|Unix Review brings us:
Miscellaneous Unix Tips II.
"There's always a requirement to restrict direct logins of particular accounts on a system, such as the oracle user, but still let the DBAs be able to su(1M) to the account. My solution was to add a quick check in the /etc/profile (or /etc/.login if csh) and take advantage of the mesg command."
( Permalink: Miscellaneous Unix Tips II Submitted by Noel Wed Nov 13, 2002 )