Friday, October 28, 2005
chmod
Below are a couple of links explaining the syntax for the UNIX chmod utility which we are apt to see on various certification exams.
http://www.perlfect.com/articles/chmod.shtml
http://www.computerhope.com/unix/uchmod.htm
There are two syntax:
1) chmod u+rwx filename.ext
2) chmod 700 filename.ext
They do not have the same effect.
If filename had permissions r--r--r--
the first synatax would result in rwxr--r--
but the second in rwx------
http://www.perlfect.com/articles/chmod.shtml
http://www.computerhope.com/unix/uchmod.htm
There are two syntax:
1) chmod u+rwx filename.ext
2) chmod 700 filename.ext
They do not have the same effect.
If filename had permissions r--r--r--
the first synatax would result in rwxr--r--
but the second in rwx------
Tuesday, October 25, 2005
Kerberos
A number of classes that I teach include some discussion of Kerberos. None try to explain how it works with any thouroughness. Some go deeper than others. When Laura Robinson taught the Windows Server 2003 trainer-prep class, she went into considerable depth without refering to notes. When I need to refresh my own knowledge, finding a place on the Internet is helpful.
In the past, I've used these two links:
http://www.labmice.net/Security/kerberos.htm
http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/security/kerberos.mspx
Today, I re-discoveed http://www.faqs.org and there I found a good wide-ranging discussion of things Kerberos (http://www.faqs.org/faqs/kerberos-faq/general/) that included the debate over the spelling of the name--some people remembered Cerberus as the gardian of the gate to the underworld.
Within that topic was a recommendation for the following guides:
http://web.mit.edu/kerberos/www/dialogue.html
http://www.isi.edu/~brian/security/kerberos.html
In the past, I've used these two links:
http://www.labmice.net/Security/kerberos.htm
http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/security/kerberos.mspx
Today, I re-discoveed http://www.faqs.org and there I found a good wide-ranging discussion of things Kerberos (http://www.faqs.org/faqs/kerberos-faq/general/) that included the debate over the spelling of the name--some people remembered Cerberus as the gardian of the gate to the underworld.
Within that topic was a recommendation for the following guides:
http://web.mit.edu/kerberos/www/dialogue.html
http://www.isi.edu/~brian/security/kerberos.html
Managing logs on Linux computers
Monitoring logs for suspicious activity is important but also difficult. Logcheck is a utility that can help and that comes pre-configured with some Linux implimentations.
http://sourceforge.net/projects/sentrytools/
http://sourceforge.net/projects/sentrytools/
White Box Linux
Thanks to a friend at work, another Linux choice has come to my attention:
http://www.whiteboxlinux.org/
Quoting from thier web page:
"What is the goal for White Box Linux?
"To provide an unencumbered RPM based Linux distribution that retains enough compatibility with Red Hat Linux to allow easy upgrades and to retain compatibility with their Errata srpms. Being based off of RHEL3 means that a machine should be able to avoid the upgrade treadmill until Oct 2008 since RHEL promises Errata availability for five years from date of initial release and RHEL3 shipped in Oct 2003.
"Or more briefly, to fill the gap between Fedora and RHEL.
"Why was White Box Linux created?
"White Box Linux's initial creation has been sponsored by the Beauregard Parish Public Library in DeRidder, LA USA out of self interest. We have several servers and over fifty workstations running Red Hat Linux and were left high and dry by their recent shift in business plan. Our choices were a difficult migration to another distribution or paying RedHat an annual fee greater than the amortized value of our hardware. So we chose a third path, made possible by the power of Open Source.... White Box Linux. "
http://www.whiteboxlinux.org/
Quoting from thier web page:
"What is the goal for White Box Linux?
"To provide an unencumbered RPM based Linux distribution that retains enough compatibility with Red Hat Linux to allow easy upgrades and to retain compatibility with their Errata srpms. Being based off of RHEL3 means that a machine should be able to avoid the upgrade treadmill until Oct 2008 since RHEL promises Errata availability for five years from date of initial release and RHEL3 shipped in Oct 2003.
"Or more briefly, to fill the gap between Fedora and RHEL.
"Why was White Box Linux created?
"White Box Linux's initial creation has been sponsored by the Beauregard Parish Public Library in DeRidder, LA USA out of self interest. We have several servers and over fifty workstations running Red Hat Linux and were left high and dry by their recent shift in business plan. Our choices were a difficult migration to another distribution or paying RedHat an annual fee greater than the amortized value of our hardware. So we chose a third path, made possible by the power of Open Source.... White Box Linux. "
Friday, October 21, 2005
LINUX & RedHat: Getting Started
A few links that got me started:
http://www.redhat.com/en_us/USA/fedora/ -- where I downloaded Fedora
http://www.redhat.com
http://www.linux.org/
For help, Google & Groups:
http://groups.google.com/group/RedHatGovUsers?lnk=oa&hl=en -- for government users
http://groups.google.com/group/comp.os.linux?lnk=oa&hl=en -- comp.os.linux
http://groups.google.com/group/comp.os.linux.redhat?lnk=oa&hl=en -- comp.os.linux.redhat
http://groups.google.com/group/redhat-linux-fedora?lnk=oa&hl=en -- RedHat Fedora
...and because I run Linux in VMWare virtual machines:
http://groups.google.com/group/vmware.guest.linux?lnk=oa&hl=en
For the recipe, step-by-step on installing vmware tools for Linux:
http://www.vmware.com/support/ws5/doc/new_guest_tools_ws.html
http://www.redhat.com/en_us/USA/fedora/ -- where I downloaded Fedora
http://www.redhat.com
http://www.linux.org/
For help, Google & Groups:
http://groups.google.com/group/RedHatGovUsers?lnk=oa&hl=en -- for government users
http://groups.google.com/group/comp.os.linux?lnk=oa&hl=en -- comp.os.linux
http://groups.google.com/group/comp.os.linux.redhat?lnk=oa&hl=en -- comp.os.linux.redhat
http://groups.google.com/group/redhat-linux-fedora?lnk=oa&hl=en -- RedHat Fedora
...and because I run Linux in VMWare virtual machines:
http://groups.google.com/group/vmware.guest.linux?lnk=oa&hl=en
For the recipe, step-by-step on installing vmware tools for Linux:
http://www.vmware.com/support/ws5/doc/new_guest_tools_ws.html
Thursday, October 20, 2005
Tripwire Intrusion Detection
http://www.tripwire.org had a utility that records checksums and hashes of key files so you can tell if an intruder has changed anything. Roderick Smith's Linux+ Study Guide suggests installing this on freshly installed systems before they are connected to the Internet.
Wednesday, October 19, 2005
Spyware issues? Try this...
http://www.greyknight17.com/
Tuesday, October 18, 2005
Security Improvements at Microsoft?
Ran across a great article in NY Times, today, citing the way Microsoft is improving on their security record.
http://www.nytimes.com/2005/10/17/technology/17hackers.html?ex=1287201600&en=4d4cb558c1b07137&ei=5088&partner=rssnyt&emc=rss
George Stathakopoulos, the general manager for security has the lead job for Microsoft. It sounds like much progress has been made.
http://www.nytimes.com/2005/10/17/technology/17hackers.html?ex=1287201600&en=4d4cb558c1b07137&ei=5088&partner=rssnyt&emc=rss
George Stathakopoulos, the general manager for security has the lead job for Microsoft. It sounds like much progress has been made.
