May 2005
Emmett DulaneyThe Novell Certified Linux Engineer (CLE) certification, which has been available only for a short time, has gained considerable renown for its difficulty and testing method and is currently in the process of being revamped. The new exam is scheduled to go live in September, and the courses upon which it is based will be made available through Novell training centers in July.
Ed SchaeferThis month, Louis Poehlitz shares a Perl script, daily-back, which he uses to back up his home network to DVD.
Kristy WestphalAfter reading Buffer Overflow Attacks, I found myself highly frustrated at anyone who develops code and who doesn't check for buffer overflows. If you are one of those people, and you don't have this book, get a copy. If you don't choose this book, then find a book somewhere that covers this topic to similar depth. It's important to understand this topic and how to prevent buffer overflows because they are one of the oldest and most-used exploits out there.
Ben RothkeCreating an effective information security infrastructure for a large multi-national company is a challenge. Above and beyond the technology, the software, and the hardware, there are non-tangibles, specificially the cultures and laws where the security solutions, people, and technology will be deployed. Deploying technology without considering the local environment and culture is a sure-fire way to undermine a project.
Peter SalusIf you program on a Unix box or a Linux box, you use the shell. It doesn't matter whether it's sh, csh, ksh, bash, or... You use the shell. And, in all likelihood, if you use the shell, you use scripts.
Robbins and Beebe have produced a book that is really good in a variety of ways: it is well-written; it is well-organized; it is full of worthwhile examples and instances; and the code is lucid and clear.
Peter SalusIt seems to me that there are several dramatically different kinds of "security" books — the highly specific (like Cheswick, Bellovin & Rubin on Firewalls), the mammothly comprehensive (like Bishop), the totally trivial (no examples, lest I embarrass someone), and the simply useful. Harrington's Network Security falls into this last category.
Jeff BennettSupporting corporate Web sites, especially retail ones, often includes administering mail servers that perform regular mailings to large customer mailing lists. Managers are generally motivated to increase the size of these lists by any means necessary, as this is a good way to increase the customer base. In theory, the more email addresses you mail to, the more customers you have. In practice, this often means "encouraging" the people who visit your Web site to register before they can continue onto more desirable site functions -- a practice not well loved by all end users.
Joe "Zonker" BrockmeierThis month, I'll look at setting up Postfix on a Debian Sarge system. Since "Sarge" is in freeze now, it shouldn't be too much longer before it's officially released — even though many of us have been running it for our production systems for some time already.
Reinhard VoglmaierJava Concepts targets university students and assumes no prior programming knowledge. However, this does not mean that this book is useful only in the academic environment. The examples are based in an industrial environment tailored for the average Java user. Every chapter provides the reader with self-check questions and answers, programming exercises, and whole programming projects. A companion Web site provides the material needed to work through this highly instructive book.
Randal L. SchwartzIn recent months, the entertainment news was abuzz with how socialite Paris Hilton had had her Sidekick phone "hacked", revealing phone numbers for many famous people, interesting notes about possible profit participation in the "stolen" sex tape, and lurid pictures, all of which were broadcast widely on the Internet. But the quiet word amongst computer security professionals was that this wasn't a matter of hacking into her phone at all, not that the entertainment news people would know or care. Instead, certain individuals have claimed responsibility through a well-known security flaw on T-Mobile's Web site, with which the phone is synchronized. Thus, it wasn't the phone that was the source of information -- it was the Web site.
Peter SalusTwo Introductory Addresses + 19 papers + An Appendix with three [more] Introductory Addresses = A weighty anthology.
Peter LavinLike most Web developers, I have several O'Reilly books in my library. Firefox Hacks, by Nigel McFarlane, is the latest in the Hacks series from this publisher. Since I haven't read any books in this particular series, I wasn't sure what to expect. However, I know Firefox and enjoy using it because it is standards-compliant and user friendly.
Emmett DulaneyIf there is a hotter topic in computing these days than security, it would have to be high availability of services. As the need for juggling resources and handling high volumes of traffic increases on an almost exponential basis, so does the need for understanding how to plan for and address these issues and how to implement solutions that work without fail.
Joe "Zonker" BrockmeierMany Linux enthusiasts I know, myself included, would be quite happy if Microsoft Windows didn't exist. However, it's a very rare organization that operates entirely without Windows somewhere in the environment. If you're an admin for a company or an organization that uses Linux and Windows — or you want to introduce Linux into a Microsoft-only environment — then you should pick up a copy of Linux in a Windows World. The book provides a competent overview of many of the technologies you'll need to master in order to provide service to Windows clients using Linux and to bridge the gap between the two operating systems.
Peter SalusApril 10-15 the USENIX Association celebrated its 30th Birthday in Anaheim. Of course, it's 30 only if the first (May 15, 1974) was the Zero-th. And the group that met then, and the next year, wasn't USENIX — it was called "UNIX Users Group."
Ed Schaefer and Daniel SingerThis month, Daniel Singer presents Korn Shell 93 script "Expire". This script automatically deletes individual files that have timed out.
Emmett DulaneyIt's spring, and there are two ways that I know this for certain. The first is that the robins have reappeared in Indiana. The second is that there is yet another version of Visual SlickEdit on the shelves. As sarcastic as that may sound, what is undeniable is that Visual SlickEdit is one of the few products that gets better with age.
Emmett DulaneyThe Server+ certification from CompTIA is designed to certify administrators with introductory-level skills working with server hardware and software. Last month, I examined the first three domains and objectives to be found among the 80 multiple-choice questions (90 minutes to answer, with a passing score of 615) on the exam now known as SKO-002.
This month, the objectives beneath the remaining domains are listed, and comments about each (or references to where you can find more information on each of those topics) is given.
|
