System News for Sun Users

Your DNS Server Is Helping DDoS Attacks

2013-05-06T16:00:00+01:00

"In the first quarter of this year, it was reported that the Internet experienced a 700 percent DDoS bandwidth increase. As DDoS attacks force more bandwidth onto a target, it means that even the largest enterprise networks can succumb to over-utilization.

DDoS attacks are growing increasingly sophisticated and take advantage of dozens, hundreds, or even thousands of compromised machines that form enormous botnets. But more importantly, they increasingly make use of non-compromised, but misconfigured, public DNS servers. Your enterprise might be responsible for these servers..."

So You Want To Be A Unix Sysadmin?

2013-04-22T16:00:00+01:00

"After several decades of administering Unix systems, I know more than I'd like to admit about 'the good, the bad, and the challenging' of Unix systems administration. I've worked in companies with as few as four employees and others with tens of thousands.

I've spent weeks doing routine, repetitive work and weeks grappling with such incredibly complex assignments that I've wondered if my brain was about to explode. I've had years in which I actually looked forward to Monday mornings and those in which I just couldn't wait for Fridays..."

Killer Open Source Admin Tools

2013-03-18T16:00:00+01:00

"Sysadmins are a unique breed. Like many of our IT brethren, we must be jacks of all trades. Mail relays, file sharing, websites.... It's a lot to shoulder, but don't fret. Open source is here to help..."

Process Hacker
Adminer
Postfix Admin
phpSysInfo
Ntop
Expect
ISPConfig
Swiss File Knife
Artica
RackTables
Rsnapshot
ISP Control Panel
UNetbootin

Read on for details.

An old IT ninja learns new Unix tricks - vim

2013-03-11T16:00:00+01:00

"It was with some fascination that I happened across Ian Langworth's "VIM after 11 years" post last week. As a vi/vim user for more than 20 years, I wasn't expecting to learn much. But to my surprise, Langworth revealed many features and tweaks I never would've sought out on my own because -- well, why would I? My vim reflexes have been built up like calluses over decades, long before many of these features and plug-ins were a glimmer in anyone's eye.

Yet I found some very old features that I either never knew about or used so sparingly that they've been archived..."

The Benefits of Hardware Neutral, Server-side Caching

2013-03-07T17:00:00+01:00

"Caching has been around as long as computers have. There�'s a cache in the CPU, at the OS, in applications like databases, even disk drives have a small cache area. Basically any device which handles an I/O operation typically uses a cache to buffer an I/O data stream. However, caching in a storage context is a little different and caching with flash as a faster storage area for improving application performance is newer still.

Storage caching has become more popular lately because of the availability of NAND flash devices. .."

How to Stress-Test Your PC Hardware

2013-03-04T17:00:00+01:00

"Modern-day PCs are more reliable than ever before, but that doesn�'t mean they're infallible. Equipment failures still happen, however rarely, and even the beefiest of computer components aren't worth their weight in silicon if they aren't dependable. Thankfully, the hot and heavy world of stress testing can help to identify critical faults before your PC craps out in the middle of a critical operation.

Whenever you buy or build a PC, swap out a major component, or overclock a piece of hardware, it's a good idea to stress-test (or "burn in") the fresh gear, which is not the same as benchmarking your rig..."

Choose the Best Servers for Virtualization & Consolidation

2013-02-25T17:00:00+01:00

"By virtualizing applications and efficiently using available server resources, you can cut down on the physical equipment you need, saving space and money. But you can't implement virtualization and benefit from consolidation if you don�'t have the right servers for the job. We'll show you some of the most important features to look for and help you get the best performance for your money..."

Fed Hack Highlights Software Patching Problem

2013-02-07T17:00:00+01:00

"The recent hack of a Federal Reserve's website highlights an ongoing problem many organizations face in trying to keep software up to date with security patches, experts says.

The Fed acknowledged on Tuesday that hackers stole non-critical information. The Anonymous group OpLastResort claimed responsibility for the break-in, which occurred on Sunday night. The group claimed the personal data of 4,000 bank executives was taken..."

Cleaning A Compromised Server: How To Detect Boater Shells, Remnants

2013-01-29T17:00:00+01:00

"My enterprise recently suffered a server breach and we're now trying to clean up. I've noticed more traffic than usual coming from the server and have heard about hackers leaving behind tools called "booter shells" after attacks to be used for future DDoS attacks. How can I tell if booter shells are infecting this server? How can I clean them off if they're on the server?..."

Server's Down: How Do I Find Out What's Wrong?

2013-01-28T17:00:00+01:00

"Many different problems can creep up on a network, so network troubleshooting skills become crucial for anyone responsible for servers or services on servers attached to a network. Linux provides a large set of network troubleshooting tools, and this article discusses a few common network problems along with how to use some of the tools available for Linux to track down the root cause..."

Problem: Server A can't talk to server B
Client or server problem?
Is it plugged in?
Is the interface up?
Is it on the local network?
Is DNS working?
No name server configured or inaccessible name server
Missing search path or name server problem
Can I route to the remote host?
Is the remote port open?
Test the remote host locally
Test for listening ports
Firewall rules
Troubleshoot slow networks
DNS issues
Find the network slowdown with traceroute

Read on for more details...

Facebook hands motherboard designs to Open Compute Project

2013-01-17T17:00:00+01:00

"Facebook has agreed to add its designs for a new common slot architecture specification for datacentre motherboards into the Open Compute Platform (OCP) initiative.

The "Group Hug" board is a datacentre motherboard that can run using a variety of system on chips (SOCs). Originally made by Facebook, the board's designs will be available for equipment makers and enterprises via the OCP.

"We are establishing a common slot for any SOC creator in the world to create a chip for a common socket," chairman of the OCP and Facebook vice president of hardware design and supply chain operations Frank Frankovsky at the OCP Summit in Santa Clara, CA..."

Open Compute Project Releases Motherboard Tailored for Financial Services Firms

2013-01-14T17:00:00+01:00

"An open source server motherboard specification designed specifically for financial services organizations has been released by the Open Compute Project and AMD at the Open Compute Summit today.

The specification, formerly known as Roadrunner, was started on the back of a napkin at a café in October 2011 at the New York Open Compute event, according to Bob Ogrey, engineering fellow and cloud technical evangelist at AMD. Today, the motherboard specification is known as AMD Open 3.0.

It is designed to provide gains in computing flexibility, efficiency and operating cost by simplifying motherboard design with a single base product to address multiple enterprise workloads, including high-performance computing, cloud infrastructure and storage. Fidelity and Goldman Sachs are currently evaluating AMD Open 3.0. Don Duet, managing director and global co-chief operating officer of the technology division at Goldman Sachs, is on the board of directors for the Open Compute Project..."

Ask This and Kiss Your Data Strategy Goodbye

2013-01-14T17:00:00+01:00

"The number one question I get from clients regarding their data strategy and data governance is, �'How do I create a business case?�'

This question is the kiss of death and here is why..."

Choosing Blindness with Business

2013-01-14T17:00:00+01:00

"Data quality practitioners often complain that business leaders are blind to the importance of data quality to business success, or that they deny data quality issues exist in their organization. As much as we wish it wasn't so, often it isn't until business leaders bump into enough of the negative effects of poor data quality that they begin to feel that something is amiss..."

Security Differentiators for Servers, Laptops: 10 Best Practices

2013-01-08T17:00:00+01:00

"Whether it's a handheld device, a desktop, laptop, server or cloud application, users need to be aware of how the data on the device or service is secured. Each IT tool requires a specific type of security; servers need custom protection of critical data without impacting performance. Blanket protection is suitable for laptops, and performance impact is a non-issue. Both servers and laptops must be protected against malicious activity. However, only servers require additional system configuration and change visibility..."

Detect and Remove Rootkits with GMER

2013-01-07T17:00:00+01:00

"You don't want a rootkit infection. Any malware compromise is bad, but rootkits--by their very nature--are especially nasty. The irony is that you might have a rootkit infection right now and not know it. That's sort of the point of a rootkit..."

5 Sysadmin Holiday Survival Tips

2012-12-12T17:00:00+01:00

"Systems administrators are already dreading the inevitable holiday tradition of receiving an 'emergency' phone call from the office workaholic, typically right as the festivities are about to begin. Often the remedies for these 'emergencies' are as simple as locating a lost file or folder, but sometimes these workaholics manage to bring down a critical system. Either way, an IT-related interruption to holiday fun can really put a damper on a sysadmin's spirit. Here are five tips to help sysadmins survive the holiday season with their spirits intact:.."

13 Things That a Unix Sysadmin Will Never Do

2012-12-12T17:00:00+01:00

"Unix systems administrators are an odd lot. We generally love doing somersaults on the command line and we don't like sharing the power, often not even with other sysadmins. We know how special we are just because most of the people we interact with can barely understand the words that we use. At the same time, we generally have work ethics that reveal a deep respect for the systems we manage and the people who use them -- or, at least, for their success in getting their work done on our servers.

So here's a list of 13 things that Unix admins just won't do...:"

Top 3 Trends in Server I/O: A Look Back, the Road Ahead

2012-12-12T17:00:00+01:00

"In 2012, we saw major updates to server platforms, but in light of massive core upgrades and more memory capacity than applications can really take advantage of, why are we still being held back by I/O? Even with PCIe Gen 3 now hitting the server market, people are starting to see that I/O just isn't keeping pace with the other platform updates. Maybe the problem isn't inside the server. Maybe the future is in view if we just think outside the box..."

How to Prevent Admin Rights Abuse

2012-12-06T17:00:00+01:00

"It has become axiomatic that financial sector organizations sit at the top end of the scale for security and reputational risk. Banks and finance firms are built on customer data and criminals are drawn to that as surely as are regulators tasked with ensuring companies safeguard it to the required legal standards.

Unfortunately, networks are necessarily built from a number of insecure elements, starting with desktop and laptop PCs. A growing theme in this area has been the use of administrator rights to enable not only common everyday software but the legacy applications that are now a fundamental part of modern banking and finance."

14 of the Most Useful Linux Websites

2012-12-03T17:00:00+01:00

"There's no getting around it -- the world of open-source/free software is pretty Balkanized. So much so, in fact, that many leading lights can't even agree on what to call the sprawling ecosystem of non-proprietary software. This means it can be far from obvious where to go for the best possible information on the topic, whether you're trying to learn some Linux basics or keep up with the latest developments. Here's a brief overview of the most useful open source websites.."

Four Commands To Spook A Sys Admin

2012-10-30T16:00:00+01:00

"Is there an IT systems administrator in your life? Would you like to give him (or her) a good scare this Halloween? Well, forget horror movies, black cats or kids jacked up way too many Whoppers and consider throwing a fright into him by tossing out a command that could cause his heart to skip a beat.

Now, I�'m not talking about commands written and executed by malicious people who know what they�'re doing and are trying to do harm. No, I�'m talking about commands that could be issued innocently enough by people in the organization who either don�'t know what they�'re doing, should know better or are a little too careless but which could bring a server, database or application to its knees.

Here are four classic and dangerous commands to spook your loved one with..."

Making Security Trade-Offs

2012-10-29T16:00:00+01:00

"I recently saw a research report from another analyst firm that espoused the benefits of application whitelisting (AWL). You know, the technology that defines a list of applications that are allowed to run on an endpoint and blocks anything else. It's basically default deny for endpoint devices. In concept, AWL is a great idea. Most malware probably isn't authorized to run (compromised Windows or Adobe updates excepted), so locking down the device can prevent many malware infections..."

Why Admins Should Know How To Code

2012-10-22T16:00:00+01:00

"... Bottom line: Admins need to be at least passable with some sort of scripting language for their chosen platform; ideally, they should be familiar with several. They may be VB and PowerShell on Windows or Bash and Perl on *nix. These are the pathways that open up all kinds of possibilities for problem resolution and the aforementioned elegant solutions..."

Save Our Servers: The Next Extinction Begins

2012-10-04T16:00:00+01:00

"Everyone loves the cloud. You can't go to a user convention like this week's Oracle OpenWorld without being absolutely barraged with talks, pitches, demonstrations, and handouts aimed at convincing you that the entire future of IT is floating far above the skyline. One message, of course, is that a business can save big bucks by outsourcing its infrastructure to public clouds built and hosted by the likes of Oracle and Amazon.com, not to mention Hewlett-Packard, Rackspace, and many others.

What surprises me, though, is the failure of so many cloud mavens to ask a very simple question: What effect does the cloud have on server sales? I believe the answer to that question is one word: damage..."

5 Bad Things IT Administrators Do (Video)

2012-10-01T16:00:00+01:00

"Philip Lieberman is the President at Lieberman Software Corporation and in this video talks about five awful things that IT administrators do and offers ways to fix these actions..."

Software Updates: The Good, The Bad, And The Fatal

2012-09-10T16:00:00+01:00

"A big part of IT management is handling upgrades and updates of all systems, critical and otherwise. Just about every aspect of IT, every piece of hardware and software, will need to be updated at some point along the line. It may be applying a firewall firmware upgrade or installing patches to an operating system or application stack. In every single one of those cases, there will be some degree of chance that the update blows up everything.

From a purely logistical point of view, there are only three possible outcomes to a firmware or software update:..."

Twenty Tricky SysAdmin Tasks. And How to Approach Them

2012-09-06T16:00:00+01:00

"A SysAdmin has an almost endless list of tasks they must complete on a regular basis. Some are so routine that they can be done while multitasking, others require careful attention to detail and a laser-like focus to ensure that things are done well and completely. While many admins may look at most of the tasks on this list as run of the mill, they frequently present a challenge to others. In this slideshow, Christina Goggi, writing for GFI Software, provides some tips on how to approach them..."

Six Ways to Protect Against the New Actively Exploited Java Vulnerability

2012-08-28T16:00:00+01:00

"Security researchers have proposed several methods for users to protect their computers from ongoing attacks that target a new and yet-to-be-patched vulnerability in all versions of Java Runtime Environment 7.

Most of the proposed solutions have drawbacks or are applicable only to certain system configurations and environments..."

5 Systems You're Forgetting To Patch

2012-08-22T16:00:00+01:00

"While many security advocates would likely argue that today's organizations still have lots of work to do with their endpoint patch management practices, many organizations have automated their Windows system updating procedures and are slowly dialing in their third-party application patching. But even with that progress being made, there is a whole rag-tag class of systems--many of them extremely critical--that frequently run unpatched and ridden with vulnerabilities..."