Like IPv6, DNSSEC is one of those great forward-looking protocols that
unfortunately hasn't seen wide adoption yet. Before I implemented it myself, I
could see why. Although some people think BIND itself is difficult to set up, DNSSEC
adds an extra layer of keys, key management and a slew of additional DNS

This year's Reader's Choice issue was truly fun to put together. No,
not just because you do all the work (voting), but because it's great
to get a feel for what our community is buzzing about. Based on your
feedback, we've given you all the data again this
year, with percentages and rankings, plus we tried to include as many
of your less-popular responses as possible.

During the past month or so, I've also been dealing with an aggressive DDoS
(that's a "distributed denial of service") attack on my server, one
that's been a huge pain, as you might expect. What's odd is that with
multiple domains on the same server, it's one of my less-popular sites that
seems to have been the target of the attacks.

In past articles, I've explained how to set up a SOCKS proxy with SSH. I've demonstrated how to tunnel traffic with SSH. I've even shown how to circumvent a company firewall with SSH. I've never been able to use SSH completely as a VPN, however, and that's always bummed me out—until I discovered sshuttle.

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it.

When it comes to public key cryptography, most systems today are still stuck in
the 1970s. On December 14, 1977, two events occurred that would change the
world: Paramount Pictures released Saturday Night Fever, and MIT filed the
patent for RSA.

Password authentication contains a lot of assumptions about security and
trust. Encrypted SSH tunnels and public key verification are two common
ways to ensure that your password is not compromised in transit. But,
what if it's the computer you're currently typing on that can't be

I'm the sort of person who doesn't like to install Java. I actually don't
like to install Flash either, but it's still tough to survive browsing
the Internet without Flash installed. There is one program that makes
me break my own rules, however, and that's Crashplan.

Years ago, I had the brilliant idea that all my users in the finance department should have complex passwords. This made perfect sense to everyone, since dealing with millions of dollars of revenue is something that should be secured. So, the passwords were changed with complexity requirements enforced. I slept better that night knowing our paychecks were no longer secured by passwords like "mustang" or "mrwhiskers".

Storing backups in the cloud requires a level of trust that not everyone
is willing to give. While the convenience and low cost of automated,
off-site backups is very compelling, the reality of putting personal data
in the hands of complete strangers will never sit quite right with

For a long time, my password tracking system was quite simplistic:
hope I remembered the right passwords for each site or record
them in an ordinary word-processor document. Such methods obviously
have great flaws. I might have a hard time remembering a password for an
infrequently used site, and a word-processor document isn't the most
secure place to store passwords.

As Linux continues to play an ever-increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organizations' mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one-hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.