Syslog-ng Configuration For Newbies

Some time ago I was asked by my friend to recommend a cost-free solution that he could use for storing logs of his security device over network. The Linux OS with installed syslog-ng is perfectly suitable for this job because it can collect logs from any source, process them in near real-time and deliver them to a wide variety of destinations. However it was challenge to explain all the steps in an easy manner as he was a total newbie in a Linux world. For this reason I wrote a basic installation and configuration manual for him which I share with you. The manual helps you to setup syslog-ng on Ubuntu server and troubleshoot the possible issues.

1. Install Ubuntu 16.04 Server Edition

During Ubuntu installation you are asked to provide the username/password and IP settings. Once an installation process finishes, the system is rebooted. when you get your console again, login and install updates with the command:

$ sudo su
# apt-get update
# apt-get upgrade

2. Install and Configure Syslog-ng

# apt-get install syslog-ng

First, you need to download a simple configuration file that I created for you.

# cd /etc/syslog-ng/conf.d
# wget http://brezular.com/wp-content/uploads/2016/12/firewals.conf_.txt -O firewals.conf
# Continue reading

Lavabit developer has a new encrypted, end-to-end email protocol

The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source end-to-end encrypted email standard that promises surveillance-proof messaging. The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer Ladar Levison on Friday. DIME will work across different service providers and perhaps crucially will be "flexible enough to allow users to continue using their email without a Ph.D. in cryptology," said Levison. To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.To read this article in full or to leave a comment, please click here

Lavabit developer has a new encrypted, end-to-end email protocol

The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source end-to-end encrypted email standard that promises surveillance-proof messaging. The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer Ladar Levison on Friday. DIME will work across different service providers and perhaps crucially will be "flexible enough to allow users to continue using their email without a Ph.D. in cryptology," said Levison. To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.To read this article in full or to leave a comment, please click here

Apple sues Qualcomm over patent licensing and $1B in payments

A nasty spat between Apple and Qualcomm broke into public view on Friday when the smartphone maker accused the chip supplier of charging "exorbitant" licensing fees for its cellular technology.Apple is asking a Southern California court to order Qualcomm to pay it nearly $1 billion that it says Qualcomm is holding back. Apple says it is owed the money but Qualcomm is holding it back because Apple cooperated with a South Korean government investigation into Qualcomm's licensing practices.The lawsuit alleges that Qualcomm charges high licensing fees to the companies that make iPhones for Apple. Those companies pass the fees on to Apple but aren't allowed to show Apple the specifics of the licensing deals, leaving Apple unsure what it is paying for.To read this article in full or to leave a comment, please click here

New details emerge about Intel’s super-small Euclid computer for robots

Intel is getting proficient at developing small computers. First, came its Compute Sticks and then its credit-card-shaped Compute Cards.But nothing's quite like the mysterious Euclid, which is a self-contained computer the size of a thumb designed to be the brains and eyes of a robot.More details have emerged about the computer, which was announced in August and has yet to be released.The Euclid is so small and light that's possible to hold like a pen. It has a built-in 3D RealSense camera, making it like a PC fused into a Microsoft Kinect.The design makes it possible to install the Euclid where the eyes of a human-like robot would be typically placed. The 3D RealSense camera will act as the eyes of a robot, capturing images in real-time and helping with movement.To read this article in full or to leave a comment, please click here

Microsoft will soon end Office 2013 distribution through Office 365

Get ready, Office 365 administrators: Microsoft is ending support for the Office 2013 client apps that it previously distributed through its cloud-based productivity service. Instead, administrators and users will be pushed to use Office 2016, the latest version of the productivity suite that includes Word, Excel, and PowerPoint.Starting on Feb. 28, users won’t be able to download the Office 2013 apps from the Office 365 self-service portal, and they won’t be downloadable through the Office 365 Admin Center. Microsoft also won’t release feature updates for those products, and won’t provide support through Customer Service Support or Premier Support.To read this article in full or to leave a comment, please click here

Researchers propose a way to use your heartbeat as a password

Researchers at Binghamton State University in New York think your heart could be the key to your personal data. By measuring the electrical activity of the heart, researchers say they can encrypt patients' health records.  The fundamental idea is this: In the future, all patients will be outfitted with a wearable device, which will continuously collect physiological data and transmit it to the patients' doctors. Because electrocardiogram (ECG) signals are already collected for clinical diagnosis, the system would simply reuse the data during transmission, thus reducing the cost and computational power needed to create an encryption key from scratch.To read this article in full or to leave a comment, please click here

Researchers propose a way to use your heartbeat as a password

Researchers at Binghamton State University in New York think your heart could be the key to your personal data. By measuring the electrical activity of the heart, researchers say they can encrypt patients' health records.  The fundamental idea is this: In the future, all patients will be outfitted with a wearable device, which will continuously collect physiological data and transmit it to the patients' doctors. Because electrocardiogram (ECG) signals are already collected for clinical diagnosis, the system would simply reuse the data during transmission, thus reducing the cost and computational power needed to create an encryption key from scratch.To read this article in full or to leave a comment, please click here

Augmented reality is more than just holograms

Holographic headsets are a central theme to augmented reality (AR) today, but the recent AR in Action Conference demonstrated the diversity of the field and the potential to include many more technologies to augment humans. The AR in Action Conference, held at the MIT Media Lab, expanded the definition of AR through a TED conference-like lens, delivering 70 diverse curated talks and 32 panels over two days to over 1,000 experts and practitioners in the field. As Chris Croteau, general manager of Intel’s Wearable Device Group, said: “A liberal definition of AR focuses on the way data is presented to users and how they interact with it. The popular definition of the AR platform as a holographic projection system like the Hololens, Meta and ODG headsets limits what AR can be.”To read this article in full or to leave a comment, please click here

Cluster HAT, the easiest way to build a Raspberry Pi Zero cluster

I recently compiled a list of Raspberry Pi clusters and reader Alex Hortin wrote in to suggest I looked at a cluster framework for up to four Raspberry Pi Zeros called the Cluster HAT produced by 8086 Consultancy. In case you haven’t come across the term, the “HAT” part of Cluster HAT, means that the device implements the Raspberry Pi Foundation’s Hardware Attached on Top system for add-on hardware. The Foundation’s 2014 blog post announcing the standard explains:To read this article in full or to leave a comment, please click here

If your data lake turned into a data swamp, it might be time to take the next step

As the the leader of Deloitte’s analytics practice, Paul Roma directs the company's analytics offerings across all businesses, so he sees companies struggling with a range of issues.  Network World Editor in Chief John Dix recently talked to Roma about everything from what analytics problems companies are facing (Hint: the swamp reference above), to tools that help extract more value (cognitive analytics and machine learning), and even the executive management roles that are evolving (the title doesn’t matter much, but ownership of the problem does).  Deloitte Paul Roma, Chief Analytics Officer, DeloitteTo read this article in full or to leave a comment, please click here

Worth Reading: Content delivery networks move data closer to the edge

Content delivery networks (CDNs) are the new “middleware” that connect the users who work and live at the network’s endpoints with the bulk of data resources that are increasingly centralized in the cloud. Many industry watchers admit being caught by surprise as the expected decline in “hyperscale” data centers failed to materialize. Data centers continue to grow in size, but the total number of data centers hasn’t declined as expected, according to an article in Data Center Knowledge. —The New Stack

The post Worth Reading: Content delivery networks move data closer to the edge appeared first on 'net work.

The CSO guide to top security conferences

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts.To read this article in full or to leave a comment, please click here(Insider Story)

The CSO guide to top security conferences

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts.Fortunately, there are plenty of great conferences coming up in the months ahead.If keeping abreast of security trends and evolving threats is critical to your job — and we know it is — then attending some top-notch security conferences is on your must-do list for 2017.From major events to those that are more narrowly focused, this list from the editors of CSO, will help you find the security conferences that matter the most to you.To read this article in full or to leave a comment, please click here(Insider Story)

Trump nominee suggests IRS cybersecurity and staffing boosts

Cybersecurity and staffing upgrades at the Internal Revenue Service appear to be in store, assuming Steven Mnuchin is confirmed as Treasury Secretary in the new Trump Administration.Mnuchin, a former CIO and executive vice president for Goldman Sachs, told senators in a five-hour confirmation hearing on Thursday that he is "very concerned about the lack of first-rate technology at the IRS" as well as staff cuts in recent years. Mnuchin is expected to be confirmed, and would likely work with Trump to pick the next IRS director.To read this article in full or to leave a comment, please click here

Trump nominee suggests IRS cybersecurity and staffing boosts

Cybersecurity and staffing upgrades at the Internal Revenue Service appear to be in store, assuming Steven Mnuchin is confirmed as Treasury Secretary in the new Trump Administration.Mnuchin, a former CIO and executive vice president for Goldman Sachs, told senators in a five-hour confirmation hearing on Thursday that he is "very concerned about the lack of first-rate technology at the IRS" as well as staff cuts in recent years. Mnuchin is expected to be confirmed, and would likely work with Trump to pick the next IRS director.To read this article in full or to leave a comment, please click here

Half of work activities could be automated by 2055

Fears that accelerating automation is going to eat its lion's share of jobs continue to plague corporate sectors. However, new research from McKinsey Global Institute may talk folks afflicted with automation phobias down from the ledge.The research group says that although half of today’s work activities could be automated, it may not happen until 2055. Or 2035. Or even 2075. Where the statistic falls along the S curve depends on various factors, such as breakthroughs in artificial intelligence and economic conditions, says Michael Chui, a McKinsey Global Institute partner and an author of the report. Chuiand other researchers analyzed 800 occupations and 2,000 job tasks.To read this article in full or to leave a comment, please click here

Billionaire Needs a New SDN Network in Quest to Cure Cancer

The SDN network uses Juniper's programmable switches.

Spanish police nab suspected hacker behind Neverquest banking malware

Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain's law enforcement agency Guardia Civil said on Friday.The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a statement from the agency. The FBI, however, declined to comment on the man's arrest.Neverquest is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites to log any information typed in. It can also take screenshots and video from the PC's desktop and steal any passwords stored locally.To read this article in full or to leave a comment, please click here

Spanish police nab suspected hacker behind Neverquest banking malware

Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain's law enforcement agency Guardia Civil said on Friday.The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a statement from the agency. The FBI, however, declined to comment on the man's arrest.Neverquest is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites to log any information typed in. It can also take screenshots and video from the PC's desktop and steal any passwords stored locally.To read this article in full or to leave a comment, please click here