In Through The Out Door

Although its features and terminology may seem strange if you’re used to more traditional Linux filesystems, ZFS offers a great deal of flexibility.

[From ZFS on FUSE]

LinucksGirl writes “Journaling file systems used to be an oddity primarily for research purposes, but today it’s the default in Linux. Discover the ideas behind journaling file systems, and learn how they provide better integrity in the face of a power failure or system crash. Learn about the various journaling file [...]

IBM Developerworks’ recent analysis of how the NSA built SELinux to withstand attacks. The article shows us some of the relevant kernel architecture and compares SELinux to a few other approaches. We’ve discussed SELinux in the past. Quoting: “If you have a program that responds to socket requests but doesn’t need [...]

Can the Linux community get over its “not invented here” ideology which has often hindered its ability to adopt technological improvements from outside sources? I keep saying myself, I hope so. But recent events have shown me that we have a long way to go until we become a culture of [...]

Role-based access control (RBAC) is a general security model that simplifies administration by assigning roles to users and then assigning permissions to those roles. Learn how RBAC in SELinux acts as a layer of abstraction between the user and the underlying TE model, and how the three pieces of an SELinux [...]

bsdphx writes “OpenSSH developers Damien Miller and Markus Friedl have recently added a nifty feature to make life easier for admins. Now you can easily lock an SSH session into a chroot directory, restrict them to a built-in sftp server and apply these settings per user. And it’s dead simple to do. If [...]

PolishLinux.org has an unconventional review of SLAX 6. RC6 which focuses on exploring the nature of LiveCDs and the power of technologies like mounting devices, SquashFS and Union File System in regards to SLAX LiveCD distribution. [From SLAX 6.0: How does it work? ]

Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how [...]

Cluster SSH opens terminal windows with connections to specified hosts and an administration console. Any text typed into the administration console is replicated to all other connected and active windows. This tool is intended for, but not limited to, cluster administration where the same configuration or commands must be run on [...]

No royalties to pay in interop deal?
The Samba team has reached an agreement with Microsoft, with the software giant agreeing to disclose technical and legal information to the software libre project. Samba is by far the most widely-used software stack that allows non-Microsoft computer to talk to Windows machines, and use proprietary Microsoft network services.…
[From [...]

OSes like OpenBSD, FreeBSD, and major Linux distributions are all well within the range of popularity where obscurity does not provide security, particularly considering the similarities between these systems, the commonality of software between them, and their ubiquity as Internet-connected server systems. Couple this with the fact that — in the case of [...]

Two Storage Engine Updates

Yoggie Pico

is one of the most popular questions asked on the snort-users mailing list…. Value-added resellers (VARs) and systems integrators (SIs) may need to provide customers with validation that the network intrusion detection system (IDS) is working as expected…. I reveal some common misperceptions and offer alternatives to satisfy the majority of readers. A stateless approach for triggering Snort alerts is to generate traffic that should trigger Snort rules, but doesn’t rely on parsing Snort rule sets…. I used the Debian package net/idswakeup on Ubuntu Linux against a FreeBSD sensor running Snort 2.6.1.5 and Sguil 0.6.1.

In-depth Fedora 7 Review:If you’re a Fedora user the end of May means one thing…time for a new release! This year was no different as the Fedora project continued its aggressive six month release schedule. Fedora 7, code named “Moonshine”, is the latest version of the Red Hat influenced Linux distribution. Fedora regulars will note the absence of the word “Core” in the new name. This isn’t the only change with this release.

Anatomy of the Linux networking stack

SSH Overview:Nice article about ssh.”SSH (secure shell) is a program enabling secure access to remote file systems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH! In this article we’ll cover these features and much more.”

Linux Gains Two New Virtualization SolutionsThe upcoming 2.6.23 kernel has gained two new virtualization solutions. According to KernelTrap, both Xen and lguest have been merged into the mainline kernel. These two virtualization solutions join the already merged KVM, offering Linux multiple ways to run multiple virtual machines each running their own OS.

Back up like an expert with rsync:

A Router With Just One Ethernet Port:

By Silas Brown