FOSS (ΕΛ/ΛΑΚ): Current Affairs - Latest News


DIMITRISG

For those that may be more visually inclined, looking at a few pictures may prove instructive in Linux (and Apache) vs. Windows (and IIS) web server security. The more convoluted the system, the more opportunities to exploit its security:

The basic argument goes like this. In its long evolution, Windows has grown so complicated that it is harder to secure. Well, these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of html with a single picture. The same page and picture. A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications.

I don't think this is by any means conclusive, but have a peek at the Linux/Apache system calls and the Windows/IIS system calls. Both are fairly complex, but Windows takes the prize for King of Convolution.

Does this mean Linux is more secure? Not necessarily, but perhaps it does indicate that Linux can be more easily secured.

 

 

http://news.cnet.com/8301-13505_3-10024610-16.html

Linux/Apache system calls:

SysCallApache.jpg

Windows/IIS system calls:

SysCallIIS.jpg

:shock:


Server hacked (again)

Weʼve been hit again by this: http://www.linuxmint.com/blog/?p=235

 

The good news this time is that weʼll be faster to get rid of it (weʼve got really up to date backups), the bad news is that weʼre still obviously vulnerable despite the measures we took the last time. Iʼll ask Michael (our sysadmin) to look into this and to find out how this could have happened.

http://www.linuxmint.com/blog/?p=240

 

The Trojan that hit the Mint server targets only Win32 operating systems.

P.S. I'd bet my head that the hacker was a Linux user.

 


How times change...

The official Debian live CD, which also includes an installer, was released today. There were Debian live CDs before, but they were made by third parties.

More here:

http://distrowatch.com/?newsid=05058

http://blog.daniel-baumann.ch/2008/08/27


Even the gods yield to necessity.

Now it only remains for apoikos* to be convinced too! :mrgreen:

* and the rest of the twelve gods, so that there is no misunderstanding! :mrgreen:


According to a recent IDC report highlighted by ZDNet, Linux is booming. At just 9.4 percent of the overall server market in terms of revenue in 2007, Linux has now climbed to 13.4 percent of the overall server market, with Unix at 7.7 percent and Windows at 36.5 percent. If Linux server vendors want to continue to grow, at some point they're going to have to come to grips with Windows, rather than eating into the low-hanging Unix fruit.

 

http://news.cnet.com/8301-13505_3-10027925-16.html


SAO PAULO, Brazil--Walk into the Ponto Frio electronics store here, which proudly displays a penguin-shaped logo, and you will find a healthy supply of Linux PCs alongside the usual Windows machines.

The store's Linux love is indicative of Brazil's deep ties to open-source software. Visit the country's universities and you'll hear about many projects using open-source software in new ways. Step into the Brazilian data centers of some of the world's most advanced financial institutions and you will see they depend on the open-source software for many key tasks.

 

http://news.cnet.com/Brazils-love-of-Linux/2009-1042_3-6245409.html


Use of community Linux distributions like Ubuntu, CentOS and Debian is on the rise in the enterprise

 

It's hardly news these days when RHEL or Suse Linux boots Windows or Unix off a server. And we know that commercial software vendors are paying plenty of attention to commercial open source.

 

But have you ever heard of a community version of the open source operating system displacing one of the popular commercial distributions? That's exactly what happened in Germany's third-largest public TV and radio station, according to a new report on community Linux by analyst Jay Lyman of the 451 Group.

 

[ Europe, in general, and France, in particular, lead in community-driven open source. Find out what open source lessons the French can teach us. ]

 

"Community distributions such as CentOS, Debian, and Gentoo are gaining enterprise respect for quality code, stability, response and, of course, for being 'free as in beer' and 'free as in freedom' (a common open source mantra referring to cost and freedom from vendor or standard lock-in). These community distributions are becoming a more significant market factor with growing enterprise acceptance and use of them," he writes.

Not surprisingly, the opportunity to cut costs is an important driver of community Linux, but Lyman makes an interesting point, noting that a rise in internal expertise -- and a willingness to use it -- is a key enabler of the nascent trend.

 

http://weblog.infoworld.com/tech-bottom-line/archives/2008/08/really_free_lin.html


There are some Linux system administrators out there who should be glad, very glad, they don't work for me because I'd be firing them today.

 

Why? Because the U.S. CERT (Computer Emergency Readiness Team) is reporting that Linux systems are being successfully attacked by crackers using compromised SSH (Secure Shell) keys. Once a system has been cracked with an illegitimate SSH key, the cracker uses local kernel exploits to gain root access and a rootkit called "phalanx2" is installed.

Once in place, phalanx2 steals more SSH keys from the compromised system. These keys are then, of course, sent to the attackers, who will use them to try to compromise other sites and... Well you get the idea.

 

So, why am I ticked off? Because to get those SSH keys in the first place they had to be vulnerable to capture. And, guess what? In the last few months there have been two occasions when it's been revealed that certain Linux distributions were wide open to attack.

 

The first time was when Debian, thanks to some really fouled up development thinking, left OpenSSL on Debian, and related distributions like Ubuntu, wide open for attacks from September 17th 2006 until May 13th 2008. OpenSSL provides SSL (Secure Socket Layer) and TLS (Transport Layer Security) protection. It's used through Linux internally and in network communications for 'secure' transactions.

 

Then, much more recently, Red Hat's RHEL (Red Hat Enterprise Linux) and Fedora were briefly compromised. In these cases, Red Hat says some, not many, but some OpenSSH packages had been messed around with.

 

"No problems," said Red Hat. Funny that a few days later we're seeing successful SSH attacks on Linux servers isn't it?

OK, at this point, we don't know which, if any of these publicly acknowledged security problems, has led to the current rash of attacks. I do know one thing though. First, that if system administrators had been awake at the switch they would have already set things right on both their Debian/Ubuntu and their Red Hat/Fedora boxes.

 

http://blogs.computerworld.com/linux_security_idiots


FACIL, an organization in Canada that promotes Free Software, has sued the government of Quebec for buying Microsoft products without quotations from other vendors.

 

http://facil.qc.ca/en/media/20080828-facil-contests-the-quebec-government-purchasing-methods-for-software


In an interesting post on Lifehacker, the editors ask the readers "Why did you switch to Linux?" The question drew quite a lot of interesting responses, including some very offbeat reasons for why people made the switch. If you're under the impression that people switch solely for rebellious or "fight the man" reasons, here are some of the more interesting responses and trends that they point to.

 

USB Drives. I myself have become very enamored of my 8GB USB thumb drive, which contains lots of open source applications. In response to the Lifehacker poll, reader urmston says: "I was originally enamored with the idea of using a USB drive to hold an entire OS so I gave it a go with Ubuntu. After about a week, I started dual-booting and within another week, I realized that I wasn't using Windows at all and made the switch completely." USB thumb drives have moved beyond just being conveniences. They change the way people work.

 

Dual-Booting. Many, many respondents, in addition to the one above, used Linux in conjunction with another OS, then dumped the original OS.

 

Old Hardware. This came up in many responses. AJ.Hidel writes: "What else can run so smoothly on old hardware?"

 

Clusters. Clusters are a popular trend, and Linux is often favored for putting them together. Severnclay says: "I got interested in parallel computing, and realized that it's much easier to build a cluster in Linux than in Windows."

 

Why Did You Climb Everest? Quite a few respondents gave the classic answer to the Everest question. "Because it's there," was one response, and Ender15 followed up with: "I was bored." Curiosity was frequently cited.

 

Privacy and Security. Quite a few respondents cited switching to Linux because it is where the hackers are not.

 

Divorcing the Redmond Giant. Well, truth be told, some people do switch to Linux for "fight the man" reasons. Bodybybuddha writes succinctly: "Had to break out of my abusive relationship with Microsoft." In other cases it gets a bit more complicated. BruceBates writes: "I don't get FREEDOM with Windows. With GNU/Linux, I can compile the kernel especially for my system, and select ONLY those apps which are required." Quite a few respondents specifically cited Windows Genuine Advantage as the final straw from Redmond.

 

It's Free. Hey, don't underestimate this. Shadowfirebird writes: "I was broke, Windows sucked, I had a bunch of supposedly dead computer equipment lying around." 'Nuff said.

 

http://ostatic.com/172141-blog/why-switch-to-linux


The new features of Debian 5 Lenny have been announced, as well as the name of its successor: "Squeeze".

Emphasizing stability as always, the new stable release will have, for the next ~2 years:

* Linux kernel 2.6.26, glibc 2.7, GCC 4.3.1, X.Org 7.3 (xorg-server 1.4.2), GNOME 2.20, KDE 3.5.9, OpenOffice.org 2.4.1

* Over 25,000 binary packages available for installation

* Support for IPv6, NFS 4 and large files

* Switch /bin/sh to dash

* Minor installer improvements and a variety of live CDs as installation option.

 

More at http://distrowatch.com/weekly.php?issue=20080901 where you will also see the new features of the upcoming Fedora 10, Ubuntu 8.10, Mandriva 2009 and Opensuse 11.1 for comparison.


Intel, the hardware partner of the famed and feared Wintel alliance, has acquired Openedhand, a UK based mobile Linux developer which will now be joining Intel's Open Source Technology Center and help Intel focus on the development of Moblin, Intel's Linux Stack for its popular Atom Processor range.

 

Details of the purchase haven't been disclosed but the chip-maker has already announced that it will still be supporting ongoing Openedhand projects such as the GUI-maker Clutter as well as Matchbox, which is an X-Window solution.

 

The firm has been working previously for the One Laptop Per Child project, Nokia - as used in Nokia's own N800 Internet Tablets - and Intel and has been an important partner in the Gnome project.

 

Now, you can be sure that Microsoft is fuming at Intel's decision as its former best pal courts Linux and Open source community and looks increasingly set to sideline Microsoft altogether in the Netbook market.

 

Nokia bought Linux Specialist Trolltech earlier this year and also owns Symbian, the most popular mobile platform around.

 

http://oss.itproportal.com/articles/2008/09/01/intel-buys-mobile-linux-startup-openedhand-all-eyes-now-microsoft/


An anonymous reader sends along a PCWorld recap of a new study by the 451 Group, which claims that business use of 'community' Linux distributions is on the rise — distros like Ubuntu, CentOS, and Debian, as opposed to "corporate" packages like RHEL and Suse. The trend is most evident in Europe. The article points out examples in Sweden and Germany, and cites growing in-house expertise with Linux as one factor helping enterprises get comfortable choosing Linux distros without commercial support. Interestingly, the Swedish company mentioned, Blocket.se, has made a one-off support arrangement with their hardware vendor HP:

 

"HP is really providing device driver and utility support it uses for customers running RHEL, but because the two distributions are binary-compatible, that support approach works just fine for CentOS. Blocket relies on its own engineers, systems administration, and software development to get its applications running on Linux."

 

http://linux.slashdot.org/linux/08/09/01/0856237.shtml
