DÉCOUVRIRBIBLIOTHÈQUE
Tech et Jeux Vidéo
ADMIN Network & Security

ADMIN Network & Security September/October 2019

ADMIN Network & Security magazine is your source for technical solutions to the real-world problems you face every day. Published six times per year, every issue includes the latest techniques for better network security, system management, troubleshooting, performance tuning, virtualization, cloud computing, and more!

Pays:
United States
Langue:
English
Éditeur:
Linux New Media
Fréquence:
Bimonthly
Lire plus
J'ACHÈTE CE NUMÉRO
13,92 €(TVA Incluse)
JE M'ABONNE
52,19 €(TVA Incluse)
6 Numéros

dans ce numéro

3 min.
the fine art of troubleshooting

Junior system administrators have often asked, “How do you troubleshoot a problem when you have no clue where to start?” My answer has never changed: Start with the simple things first. This advice has helped me resolve every problem I’ve ever encountered over the past 20 years. Sure, some problems are difficult to solve, and some even seem impossible, but if you start with the simple things first, your chances of success are very high. People in general tend to complicate problems and solutions. They tend to reach for the least probable cause for a problem and then apply the least likely solution to resolve it. I guess it’s just human nature to assume that there is no easy problem or easy solution. I have found just the opposite. Most of…

1 min.
on the dvd

Clonezilla is a partition and disk imaging/cloning program that saves and restores only the used blocks on a hard drive for supported filesystems; unsupported filesystems are copied sector-to-sector with dd. Based on the Debian Sid repository (as of September 3, 2019) Linux kernel updated to 5.2.9-2 Supports most Linux, macOS, Windows, network, and virtual filesystems Bootable on a BIOS or UEFI machine Supports Linux kernel logical volume management (LVM) version 2, but not version 1 DEFECTIVE DVD? Defective discs will be replaced, email: cs@admin-magazine.com While this ADMIN magazine disc has been tested and is to the best of our knowledge free of malicious software and defects, ADMIN magazine cannot be held responsible and is not liable for any disruption, loss, or damage to data and computer systems related to the use of…

5 min.
news for admins tech news

Code Execution Flaws in PHP The PHP community has released updates to PHP in order to patch multiple vulnerabilities in one of the most popular programming languages. According to the Hacker News, “The vulnerabilities could leave hundreds of thousands of web applications that rely on PHP open to code execution attacks, including websites powered by some popular content management systems such as WordPress, Drupal, and TYPO3” (https://thehackernews.com/2019/09/php-programming-language.html). Out of all these vulnerabilities, the most critical one was found in the Oniguruma library that comes bundled with PHP. Red Hat released an advisory stating that the vulnerability “allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing crafted regular expressions” (https://access.redhat.com/security/cve/cve-2019-13224). If your projects use PHP, please update immediately. ESET Finds Malware That Targets Political Activists Researchers at ESET have discovered an…

13 min.
anti-theft device

If you pay attention to security from the outset, you can avoid trouble farther down the road. No company can afford to ignore security, because successful attacks can trigger legal aftershocks in the form of lawsuits (e.g., for gross negligence) and fines, as well as lost revenue. Attacks can also destroy a company’s reputation. What customer would want to hand over their data to a company if the server doors are left open? Clearly, security is important, and you are well advised to consider security an implicit factor in your business plans from the outset. Kali Linux, one of the oldest tools for systematic penetration testing (pentesting), examines systems and applications for common and known errors. The distribution comes with various pentesting tools, which, unfortunately, also bestows the rather dubious reputation…

6 min.
open the floodgates

Most Internet services rely on the Transmission Control Protocol (TCP), an interprocess communication protocol that dates back to the 1980s, an era when data streams were more like trickles by today’s standards. TCP includes the SMTP protocol for email and HTTP/1.1 and /2.0; therefore, all TCP stack optimizations have a positive effect on performance. In this article, I take a look at the TCP initial window, which defines the size of the first packet, and thus of all other packets, sent over TCP. The first Request for Comments on TCP (RFC 793) dates back to 1981 [1]. One of the important aspects of TCP has always been that it maximizes the available network bandwidth. However, it avoids overloading the individual components in the connection or their buffers by splitting the payload…

5 min.
secure paths

Domain name system security extensions (DNSSEC) was meant to solve many of the known security problems in the domain name system (DNS) protocol, but it has not really taken off and is rarely used in practice, not least because of the DNS extension’s complexity. For example, if you look at an end user, a recursive DNS request is usually made to the DNS resolver at the user’s Internet service provider (ISP), because the browser itself does not know the IP address of a particular website. The information presumably is not already stored locally or in a cache ISP-side, so the ISP takes care of responding to the DNS request and forwards it through various other DNS servers until the request arrives at the server that has a corresponding entry in its…