Sandra Henry-Stocker

Author Archives: Sandra Henry-Stocker

First step to becoming a cybersecurity pro: Linux

If you're contemplating a career in cybersecurity and haven't come up to speed on Linux, now's the time to get ramped up and here's one easy way to do it. This new book from No Starch Press was written with people like you in mind. Authored by OccupyTheWeb, Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali provides everything from basic Linux command-line skills through to scripting, manipulating logging, network scanning, using and abusing system services, and remaining stealthy in the process.

Why Linux is important to security
Because Linux is open source, tool developers (and you) have a level of access that is unsurpassed. Linux is transparent, and that means you can learn to manipulate it in ways that are not possible with most OSes. In addition (and undoubtedly for the reason just mentioned), most cybersecurity tools are written to run on Linux.

What does ASLR do for Linux?

Address Space Layout Randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks. It helps to ensure that the memory addresses associated with running processes on systems are not predictable and, thus, flaws or vulnerabilities associated with these processes will be more difficult to exploit. ASLR is used today on Linux, Windows and MacOS systems. It was first implemented on Linux in 2005. In 2007, the technique was deployed on Microsoft Windows and MacOS. While ASLR provides the same function on each of these operating systems, it is implemented differently on each OS.

The effectiveness of ASLR is dependent on the entirety of the address space layout remaining unknown to the attacker. In addition, only executables that are compiled as Position Independent Executable (PIE) programs will be able to claim the maximum protection from the ASLR technique because all sections of the code will be loaded at random locations. PIE machine code will execute properly regardless of its absolute address.

What does ASLR do for Linux?

Address Space Layout Randomization (ASLR) is a memory-protection process for operating systems that guards against buffer-overflow attacks. It helps to ensure that the memory addresses associated with running processes on systems are not predictable, and thus flaws or vulnerabilities associated with these processes will be more difficult to exploit.

ASLR is used today on Linux, Windows, and MacOS systems. It was first implemented on Linux in 2005. In 2007, the technique was deployed on Microsoft Windows and MacOS. While ASLR provides the same function on each of these operating systems, it is implemented differently on each one.

The effectiveness of ASLR is dependent on the entirety of the address space layout remaining unknown to the attacker. In addition, only executables that are compiled as Position Independent Executable (PIE) programs will be able to claim the maximum protection from the ASLR technique because all sections of the code will be loaded at random locations. PIE machine code will execute properly regardless of its absolute address.

How ASLR protects Linux systems from buffer overflow attacks

Address Space Layout Randomization (ASLR) is a memory-protection process for operating systems that guards against buffer-overflow attacks. It helps to ensure that the memory addresses associated with running processes on systems are not predictable, and thus flaws or vulnerabilities associated with these processes will be more difficult to exploit.

ASLR is used today on Linux, Windows, and MacOS systems. It was first implemented on Linux in 2005. In 2007, the technique was deployed on Microsoft Windows and MacOS. While ASLR provides the same function on each of these operating systems, it is implemented differently on each one.

The effectiveness of ASLR is dependent on the entirety of the address space layout remaining unknown to the attacker. In addition, only executables that are compiled as Position Independent Executable (PIE) programs will be able to claim the maximum protection from the ASLR technique because all sections of the code will be loaded at random locations. PIE machine code will execute properly regardless of its absolute address.

Linux commands for measuring disk activity

Linux systems provide a handy suite of commands for helping you see how busy your disks are, not just how full. In this post, we're going to examine five very useful commands for looking into disk activity. Two of the commands (iostat and ioping) may have to be added to your system and these same two commands require you to use sudo privileges, but all five commands provide useful ways to view disk activity.

Probably one of the easiest and most obvious of these commands is dstat.

dstat
In spite of the fact that the dstat command begins with the letter "d", it provides stats on a lot more than just disk activity. If you want to view just disk activity, you can use the -d option. As shown below, you’ll get a continuous list of disk read/write measurements until you stop the display with a ^c. Note that, after the first report, each subsequent row in the display will report disk activity in the following time interval and the default is only one second.

Open Source Containers in 2019

Open source containers are moving in a direction that many of us never anticipated. Long recognized as providing an effective way to package applications with all of their required components, some are also tackling one of the most challenging areas in the compute world today -- high performance computing or "HPC". And while containers can bring a new level of efficiency to the world of HPC, they're also presenting new ways of working for enterprise IT organizations that are running HPC-like jobs.

How containers work
Containers offer many advantages to organizations seeking to distribute applications. By incorporating an application's many dependencies (libraries, etc.) into self-sustainable images, they avoid a lot of installation problems. The differences in OS distributions have no impact, so separate versions of applications don't have to be prepared and maintained, thus making developers' work considerably easier.

Open-source containers move toward high-performance computing

Open-source containers are moving in a direction that many of us never anticipated.

Long recognized as providing an effective way to package applications with all of their required components, some are also tackling one of the most challenging areas in the compute world today — high-performance computing (HPC). And while containers can bring a new level of efficiency to the world of HPC, they're also presenting new ways of working for enterprise IT organizations that are running HPC-like jobs.

How containers work
Containers offer many advantages to organizations seeking to distribute applications. By incorporating an application's many dependencies (libraries, etc.) into self-sustainable images, they avoid a lot of installation problems. The differences in OS distributions have no impact, so separate versions of applications don't have to be prepared and maintained, thus making developers' work considerably easier.

Working with tarballs on Linux

The word “tarball” is often used to describe the type of file used to back up a select group of files and join them into a single file. The name comes from the .tar file extension and the tar command that is used to group together the files into a single file that is then sometimes compressed to make it smaller for its move to another system.

Tarballs are often used to back up personal or system files in place to create an archive, especially prior to making changes that might have to be reversed. Linux sysadmins, for example, will often create a tarball containing a series of configuration files before making changes to an application just in case they have to reverse those changes. Extracting the files from a tarball that’s sitting in place will generally be faster than having to retrieve the files from backups.

How Java has stood the test of time

Java has survived for more than two decades and continues to be one of the top programming languages in use today. What accounts for the language's success and how has it changed to accommodate more modern technology?

Java's rise to power
Java initially appeared in 1995, evolving from a 1991 innovation called "Oak". It was apparently the right time for engineers looking to grow distributed systems. Some of the more popular languages back then -- C, C++, and even Cobol for some efforts -- involved steep learning curves. Java's multi-threading, allowing the concurrent execution of two or more parts of a program, ended the struggle to get multi-tasking working. Java quickly became the de facto language for mission-critical systems. Since that time, new languages have come and gone, but Java has remained entrenched and hard to replace. In fact, Java has stood as one of the top two computing languages practically since its initial appearance, as this Top Programming Languages article suggests.

Using ss to examine network connections

The ss (socket statistics) command provides a lot of information on network activity by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.

One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets.

    $ ss -s
    Total: 524
    TCP:   8 (estab 1, closed 0, orphaned 0, timewait 0)

    Transport Total     IP        IPv6
    RAW       2         1         1
    UDP       7         5         2
    TCP       8         6         2
    INET      17        12        5
    FRAG      0         0         0

Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security applications such as nmap
TCP provides transmission control protocol and is the primary connection protocol
UDP (user datagram protocol) is similar to TCP but without the error checking
INET includes both of the above (INET4 and INET6 can be

Using the Linux ss command to examine network and socket connections

The ss (socket statistics) command provides a lot of information by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.

One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets.

    $ ss -s
    Total: 524
    TCP:   8 (estab 1, closed 0, orphaned 0, timewait 0)

    Transport Total     IP        IPv6
    RAW       2         1         1
    UDP       7         5         2
    TCP       8         6         2
    INET      17        12        5
    FRAG      0         0         0

Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security applications such as nmap.
TCP provides transmission control protocol and is the primary connection protocol.
UDP (user datagram protocol) is similar to TCP but without the error checking.
INET includes both of the above. (INET4 and INET6 can be viewed separately

What to expect of Linux in 2019

2019 just might be the Year of Linux — the year in which Linux is fully recognized as the powerhouse it has become. With Linux playing key roles in the Internet of Things (IoT), cloud technology, supercomputing and artificial intelligence (AI), and with a plethora of conferences and new releases on the horizon, Linux is poised to have a very exciting 2019. Let’s examine some of what we can expect to see.

Linux behind the scenes
The fact is that most people today are using Linux without ever knowing it — whether on their phones, online when using Google, Facebook, Twitter, GPS devices, and maybe even in their cars, or when using cloud storage for personal or business use. While the presence of Linux on all of these systems may go largely unnoticed by consumers, the role that Linux plays in this market is a sign of how critical it has become.

Linux will seem to be everywhere in 2019

2019 just might be the Year of Linux — the year in which Linux is fully recognized as the powerhouse it has become. With Linux playing key roles in the Internet of Things (IoT), cloud technology, supercomputing and artificial intelligence (AI), and with a plethora of conferences and new releases on the horizon, Linux is poised to have a very exciting 2019. Let’s examine some of what we can expect to see.

Selectively deploying your superpowers on Linux

The sudo command is very handy when you need to run occasional commands with superuser power, but you can sometimes run into problems when it doesn’t do everything you expect it should. Say you want to add an important message at the end of some log file and you try something like this:

    $ echo "Important note" >> /var/log/somelog
    -bash: /var/log/somelog: Permission denied

OK, it looks like you need to employ some extra privilege. In general, you can't write to a system log file with your user account. Let’s try that again with sudo.

    $ sudo !!
    sudo echo "Important note" >> /var/log/somelog
    -bash: /var/log/somelog: Permission denied

Hmm, that didn't work either. Let's try something a little different.

RHEL 8 Beta arrives with application streams and more

The leading enterprise Linux platform is now available in a new and highly innovative Beta release. Among other highlights that promise a transformation of business IT well into the future, Red Hat Enterprise Linux 8 Beta:

Introduces application streams separating user space packages from core kernel operations and making it easier to update user packages without requiring major version updates of the OS itself.
Provides security updates with both OpenSSL 1.1.1 and TLS 1.3 supported.
Includes Composer to make it easier for both new and experienced Red Hat Enterprise Linux users to build and deploy custom images across the hybrid cloud.
Adds Stratis — a new volume-management file system that is faster, more efficient and easier to manage than its predecessors.

Much of the impetus for RHEL 8 has been the growing need for a common foundation that can span every IT stronghold from the data center to multiple public clouds and make application delivery a lot more manageable. Four years have passed since RHEL 7 came our way, and so much has changed in the world of IT since then, with continued virtualization and containerization along with a growing need for rapid deployment.

The future of Red Hat: How will IBM’s acquisition affect the company?

Only 11 days have passed since the announcement about IBM’s acquisition of Red Hat. Yet industry analysts are busily projecting the effects that this notable acquisition will have on the future of Red Hat.

Having had a chance to compare notes with Richard Slater, principal consultant and DevOps/SRE Leader at Amido (an independent, vendor-agnostic technical consultancy focused on cloud native technology and located in London), I feel compelled to toss some reflections and a few hopes into the mix.

Latest supercomputer runs Red Hat Enterprise Linux (RHEL)

On Oct. 26, the National Nuclear Security Administration (NNSA) — part of the Department of Energy — unveiled the latest supercomputer. It's named Sierra and is now the third-fastest supercomputer in the world.

Sierra runs at 125 petaflops (peak performance) and will primarily be used by the NNSA for modeling and simulations as part of its core mission of ensuring the safety, security, and effectiveness of the U.S.'s nuclear stockpile. It will be used by three separate nuclear security labs — Lawrence Livermore National Labs, Sandia National Laboratories, and Los Alamos National Laboratory. And it's running none other than Red Hat Enterprise Linux (RHEL).

IBM-Red Hat deal: What the companies say

IBM announced yesterday that it is buying Red Hat for $34 billion, making it IBM's largest deal to date and the third largest in the history of the US tech industry.

After announcing the plan to close the deal sometime in the second half of next year, executives from the two companies held a joint conference call fleshing out the details. Here's what they had to say.

According to Arvind Krishna, Senior Vice President of Hybrid Cloud at IBM, this move represents a "game changer" that will redefine the cloud market. Krishna was joined by Paul Cormier, Executive Vice President and President of Products and Technologies at Red Hat.
