UK Government declares Linux the most secure option…

While only achieving a 9 out of 12 score in the study of the following areas:

  • VPN
  • Disk Encryption
  • Authentication
  • Secure Boot
  • Platform Integrity and Sandboxing
  • Application Whitelisting
  • Malicious Code Detection and Prevention
  • Security Policy Enforcement
  • External Interface Protection
  • Device Update Policy
  • Event Collection for Enterprise Analysis
  • Incident Response

Linux still beat Windows 7 of 12 and Mac OSX’s 8 of 12.  A full synopsis can be found here from TechRepublic.  Remember, though, that no OS scored a perfect score, and 9 out of 12 is still only a C.  So there is plenty of room for everyone to improve.

Cool Presentation on capacity planning…

Have you ever wondered how people plan for the capacity of a system?  This presentation tries to explain how to do it.  It is definitely an art, but the tools used here will help you learn how to do it with logic and reason rather than hopeful optimism.  That should help keep you from under- or over-sizing the systems you build in the future.

Is cron really meeting your scheduling needs?

The folks over at Airbnb were frustrated with how good old cron was not really managing their scheduled jobs.  To limit the frustration they built Chronos.  This week they decided to open source it.  It’s built on a Java project from the Apache Project Incubator called Mesos and Maven as the backend.

For those who haven’t used it, cron is about the simplest scheduling you can do.  Cron works great for kicking off things like backups and basic reporting.  Where cron starts to fail is when you want to run complex jobs that know to start only on a previous job’s success, or to manage the number of jobs that are running.  The logging and reporting of cron failures is generally pretty rough.  Facing these issues, the team decided to write their own replacement.  They additionally needed it to be able to run on multiple machines.

They started building the system to be simple, with a functional GUI to make management and reporting easier.  For redundancy, one server is chosen to be the “Leader”, which keeps track of work and hands it out through their API.  If you connect to a machine that isn’t the “Leader”, your request is redirected to the “Leader”.  If the “Leader” goes down, a new “Leader” is elected.  The jobs can have dependencies and can be run in parallel.  The jobs themselves are written as interpreted Bash shell commands.  It tries its best to be flexible and not overly complicated.

If you are looking for a package to manage distributed schedules, this one is definitely worth a look.  Here you can find a good demo talk about how they got to where they are.  There are closed source options, but they tend to be very complex.  So this is a really nice addition to the open source world.

Turnkey Linux turns everything up to 12 on their 4th B-Day…

The guys over at Turnkey Linux have released version 12 of their awesome server appliance core platform.  They also added 60+ new appliances.  If you haven’t given them a shot, I highly suggest it, especially if you are new to Linux.  Heck, I am an old time Linux user and love the ability to just download an appliance like the one that comes set up with the Redmine project management server and Git, Bazaar, Mercurial and Subversion SCM.  Every one of them is set up and ready for you to use.  Just download the appliance in any of 7 formats, from ISO images to OpenVZ VMs and so much in between.  The best feature, which I have come to love and rely on, is their server backup and migration tool.  They call it TKLBAM – AKA the TurnKey Linux Backup and Migration system.  It allows you to take any currently existing system and back it up to S3, then restore the backup to a new machine, leaving you in the same state but on updated software.  All the benefits but none of the pain.  It’s an awesome idea and works well.  Watch for a full review and description of my experience coming soon.

One really important change is their migration away from Ubuntu to Debian.  Check out the article for a very clear description and explanation of why.  The reasons are sound and hopefully the right people are listening.

Most of all though we would like to wish them a Happy 4th B-Day.  Let’s hope there are plenty more in their future.

Java Zero Day Attack and it affects Linux…

This comes from our guest host Greg Martin on Google+:

Java 0-day being exploited in the wild. There have been confirmed infections on Windows-based computers but it’s possible to compromise a Mac or Linux system as well. Currently the only recommendation for mitigation is to completely disable Java.

Links for thought:

Ars Technica article: http://arstechnica.com/security/2012/08/critical-java-exploit-spreads/

In-depth breakdown of the exploit (technical with mildly poor English): http://immunityproducts.blogspot.com.ar/2012/08/java-0day-analysis-cve-2012-4681.html

Proof-of-concept for the exploit (actual source code): http://pastie.org/pastes/4594319/text

There are also some claims that Oracle have known about the vulnerabilities for some time. https://www.pcworld.com/businesscenter/article/261612/oracle_knew_about_currently_exploited_java_vulnerabilities_for_months_researcher_says.html

I’m currently testing this out on my system (Linux) to see if I can get it to work.

 

One of the simplest ways to tunnel your traffic securely…

So the folks over at LinuxJournal.com wrote up a great tutorial for tunneling through SSH.  What’s so great about that?  Well it’s an easy way to do simple stuff securely on your home or office network.  You only need to open up port 22 for SSH and point it to an SSH Server.  Then you can point to a local port and use SSH to get it to your destination server securely.

Wait…Can’t someone just login to my machine that way?  You can guard against that if you take precautions like using only SSH keys and not passwords, and use a gawk script like this one over at everythingbash.com.  This script will create and send you a cool list of everyone who has logged in and everyone who has tried.
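The kind of login report described above can be sketched in portable shell and awk. This is an added example, not the everythingbash.com script; the function names and the sample log lines are constructed for illustration, and it assumes the traditional syslog line format that sshd writes to auth.log.

```shell
#!/bin/sh
# Constructed sample of sshd syslog lines (documentation IP ranges, not real data).
sample_log() {
cat <<'EOF'
Mar 27 20:01:11 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 27 20:01:14 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Mar 27 20:01:19 host sshd[1207]: Failed password for root from 203.0.113.5 port 51240 ssh2
Mar 27 20:02:40 host sshd[1290]: Failed password for invalid user oracle from 203.0.113.9 port 40110 ssh2
Mar 27 20:05:02 host sshd[1311]: Accepted publickey for alice from 198.51.100.7 port 40022 ssh2
Mar 27 20:09:30 host sshd[1340]: Accepted password for backup from 203.0.113.5 port 51300 ssh2
Mar 27 20:10:00 host cron[1400]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

# ssh_login_summary: read syslog lines on stdin and print, busiest first,
#   <count> <FAILED|ACCEPTED> <method> <existing|invalid> <user> <source-ip>
ssh_login_summary() {
  awk '
    $5 ~ /^sshd\[/ && ($6 == "Failed" || $6 == "Accepted") && $8 == "for" {
      # "invalid user" shifts the username two fields to the right.
      u = 9; acct = "existing"
      if ($9 == "invalid" && $10 == "user") { u = 11; acct = "invalid" }
      # Use the last "from <ip> port" triple: the username is supplied by
      # the client and could itself contain the word "from".
      ip = ""
      for (i = u + 1; i + 2 <= NF; i++)
        if ($i == "from" && $(i + 2) == "port") { ip = $(i + 1); last = i }
      if (ip == "") next
      # Join multi-word usernames with "_" so the columns stay aligned.
      user = $u
      for (j = u + 1; j < last; j++) user = user "_" $j
      count[toupper($6) " " $7 " " acct " " user " " ip]++
    }
    END { for (k in count) print count[k], k }
  ' | sort -k1,1nr -k2
}

# ssh_password_logins: successful logins that used a password. On a server
# meant to be key-only this should print nothing.
ssh_password_logins() {
  ssh_login_summary | awk '$2 == "ACCEPTED" && $3 == "password"'
}

sample_log | ssh_login_summary
```

On a real server the same functions read the system log instead of the sample, for example `ssh_login_summary < /var/log/auth.log` on Debian-style systems.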

WARNING!!!! I have had several customers and friends notice that their SSH Servers just get pounded with people trying to connect using default or bogus accounts.  So be sure to disable, remove, or set the shell to /bin/false for any account you aren’t using.
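To act on that warning, it helps to know which of the usernames being tried actually exist on the box with a usable shell. The following is an added example, not from the original post; the function names and the sample passwd entries are constructed, and only standard passwd(5) fields are assumed.

```shell
#!/bin/sh
# Constructed passwd(5) sample; the account names are illustrative only.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
oracle:x:1001:1001:old DB account:/home/oracle:/bin/bash
backup:x:34:34:backup:/var/backups:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

# exposed_accounts PASSWD_FILE: read usernames seen in failed SSH logins on
# stdin (one per line) and print "<user> <shell>" for each name that exists
# in PASSWD_FILE with a shell that still permits an interactive login.
exposed_accounts() {
  awk -F: '
    NR == FNR {                      # first input: the passwd file
      shell[$1] = $7
      next
    }
    ($1 in shell) && !seen[$1]++ {   # second input: attempted usernames
      s = shell[$1]
      if (s == "") s = "/bin/sh"     # an empty shell field means /bin/sh
      if (s !~ /\/(false|nologin)$/) print $1, s
    }
  ' "$1" -
}

# Demo against the constructed sample: names as they might be collected
# from failed-login lines in the SSH log.
demo() {
  t=$(mktemp) || return 1
  sample_passwd > "$t"
  printf '%s\n' admin root oracle backup | exposed_accounts "$t"
  rm -f "$t"
}
demo
```

A /bin/false shell stops interactive sessions but not authentication itself, so locking the password or removing the account is the stronger option for accounts that are truly unused.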

Do you want to Hangout and Talk GIT and Linux?

Git It On Tuesday, March 27 at 9pm EST

The Crew and I will be joining up with Mike Jansen in a Google+ Hangout right after we record the next podcast.  We plan to discuss git, linux, and other related topics.  We look forward to seeing as many of you as possible.  So come on over there and join us.

This is informal and all are welcome to join. If you have any specific topics you’d like to discuss, comment on this post.