04.22.04
Using LDAP to Manage Unix Accounts
User management is one of the most tedious tasks in a systems administrator's job. There have been some attempts to centralize user management with NIS and NIS+. NIS fizzled out because of its security holes, and NIS+ is not very straightforward to configure. So, what's the best way to centralize user management in an environment? The answer is looking more and more like LDAP.
LDAP (Lightweight Directory Access Protocol) is quickly emerging as the standard in hierarchical data, such as user and group data. LDAP servers are designed for an "update seldom, access often" scenario. One of the roadblocks LDAP has faced in gaining popularity as a centralized user management system is the effort to get client machines to securely authenticate users. In the past, this required writing custom PAM modules or trying to configure existing ones. However, as major Unix vendors are realizing the potential of LDAP, they are including clients in the operating system.
Read The Whole Article | SysAdmin to SysAdmin: IP's binary roots
A wise man once said, "There are only 10 kinds of people in the world -- those who understand binary, and those who don't." OK, so I saw it on a T-shirt. Fact is, if you're in charge of a network, or just want to understand how your network ticks, understanding binary is a requirement. Luckily, binary isn't very difficult when it's applied to something you already know -- namely, IP addresses and subnet masks.
If you've ever run /sbin/ifconfig from a command line to see your IP address (or to see if you even have an IP address), you've undoubtedly seen something similar to 192.168.2.22. This is referred to as "dotted decimal notation," and it's a simplification created to make IP addressing more digestible to humans. Much as DNS resolves host names to IP addresses, the IP stack resolves dotted decimal addresses into binary format, so that the address above, 192.168.2.22, resolves to 11000000101010000000001000010110. And a hearty thanks goes to the good folks who gave us dotted decimal notation!
Read The Whole Article
Job Scheduling in Java
On some projects, you find you need to execute certain jobs and tasks at an exactly specified time or at regular time intervals. In this article we will see how Java developers can implement such a requirement using the standard Java Timer API, and then we will focus on Quartz, an open source library for those who need some extra features in their scheduling system.
Let's, for a start, go through few common use cases that will help you recognize situations when you could need this kind of behavior. Then we will see how to find the best solution according to your functional request.
Read The Whole Article
*** FULL FEATURED Web Hosting ***
300MB Disk Space ~ 15GB Monthly Data Transfer ~ 20 Pop Email Accounts ~ ONLY $7.96 a month >>click to see all you get |
TCP vulnerability could lead to bigger gateway protocol problems
A vulnerability in the Transmission Control Protocol discovered by researchers last year could cause greater than anticipated problems with inter-domain routing using the Border Gateway Protocol, the Department of Homeland Security warned this week.
In a Technical Cyber Security Alert published at its new Web site, the agency warned that the TCP vulnerability allows remote attackers to terminate TCP sessions, which could lead to widespread denial-of-service problems.
Read The Whole Article
Cisco Rolls Major Patches to TCP Flaw
Routing and switching giant Cisco said a security flaw in the Transmission Control Protocol (TCP) specification that could lead to major disruption of the Internet is also a potential threat to its product lines and needs to be addressed.
Cisco issued a blanket advisory Wednesday, warning that new information on the existing TCP (define) flaw affected all products that contain a TCP stack.
Read The Whole Article
*** Consumer Targeting ***
Deliver contextually relevant messages that drive click-through and conversion rates 20-40 times higher than traditional banner ads. >> 2 min. Quick Tour |
SQL Injection Signatures Evasion
In recent years, Web application security has become a focal center for security experts. Application attacks are constantly on the rise, posing new risks for the organization. One of the most dangerous and most common attack techniques is SQL Injection, which usually allows the hacker to obtain full access to the organization's Database. With the rise in SQL Injection attacks, security vendors have begun to provide security measures to protect against SQL Injection. The first ones to claim such protection have been the various Web Application Firewall vendors, followed by most IDS/IPS vendors.
Read The Whole Article
| | From the Forum: | | Domain has been hijacked | Came into the studio this morning, turned on the computer, fetched my email and discovered a message from a client that my website was down.
I opened IE6, typed in my URL, and sure enough, my DNS has been hijacked. ... |
 |
|
