Charly's Column The Sysadmin’s Daily Grind: ArpalertDec 01, 2006
Corporate policies prohibit the unauthorized connection of hardware to the company network, threatening dire consequences in the case of non-compliance. Fair enough, but how do you actually go about catching somebody trying to plug an illegal laptop into your Ethernet?more »
Charly's Column The Sysadmin’s Daily Grind: EthtoolApr 01, 2006
A touchy LAN that plays like a movie diva can spoil any admin’s day. Ethtool to the rescue!more »
Netfilter L7 Blocking protocols at Layer 7 with the L7 patchMar 01, 2006
If you need a tool for filtering protocols that doesn’t depend on the port, try L7, an IPTables patch that operates through regular expressions.more »
TCP Hijacking Understanding and preventing TCP attacksSep 01, 2005
It is quite easy to take a TCP connection down using a RST attack, and this risk increases with applications that need long-term connections, such as VPNs, DNS zone transfers, and BGP. We’ll describe how a TCP attack can happen, and we’ll show you some simple techniques for protecting your network.more »
Charly's Column The Sysadmin’s Daily Grind: SmokepingMay 01, 2005
If you do not receive a response to a ping, or if the response is seriously delayed, you might like to take this as a warning. But who wants to ping all day? You need a ping-based monitoring utility like Smokeping.more »
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.