Server: CentOS, MitM, Ceph, Kubernetes and Linux Bashing

  • Learn CentOS Part 11 - Installing and removing Packages

    In the "Learn CentOS" series, you'll learn all the skills you'll need to know to manage real servers and get you on your way to mastering the art of Linux administration.

  • How to avoid man-in-the-middle cyber attacks

    Remember, you don't have to click anything online right away, and you don't have to follow random people's instructions, no matter how urgent they may seem. The internet will still be there after you step away from the computer and verify the identity of a person or site demanding your attention.

    While MITM attacks can happen to anyone, understanding what they are, knowing how they happen, and actively taking steps to prevent them can safeguard you from being a victim.

  • Another perspective on Swift versus Ceph today

    Mark's perspective is largely founded in the fault tolerance and administrative overhead. However, let's take a look at "keep using [Ceph] for object too".

    Indeed the integration of block, POSIX, and object storage is Ceph's strength, although I should note for the record that Ceph has a large gap: all 3 APIs live in separate namespaces. So, do not expect to be able to copy a disk snapshot through CephFS or RGW. Objects in each namespace are completely invisible to two others, and the only uniform access layer is RADOS. This is why, for instance, RGW-over-NFS exists. That's right, not CephFS, but NFS. You can mount RGW.

    All attempts at this sort of integration that I know in Swift always start with a uniform access first. It is the opposite of Ceph in a way. Because of that, these integrations typically access from the edge inside, like making a pool that a daemon fills/spills with Swift, and mounting that. SwiftStack's ProxyFS is a little more native to Swift, but it starts off with a shared namespace too.

  • API Priority and Fairness Alpha

    This blog describes “API Priority And Fairness”, a new alpha feature in Kubernetes 1.18. API Priority And Fairness permits cluster administrators to divide the concurrency of the control plane into different weighted priority levels. Every request arriving at a kube-apiserver will be categorized into one of the priority levels and get its fair share of the control plane’s throughput.

  • BlackBerry: Chinese cybercriminals target high-value Linux servers with weak defenses [Ed: To CBS, servers that are improperly maintained or set up are "Linux"; if it's something Windows, they won't even specify the platform and won't blame Microsoft.]

More of this FUD

When ZDNet covers "Linux"...

The headlines that omit Windows

  • Linux Servers Under Attack for a Decade

    The "Decade of the RATs Research Report," published today by BlackBerry, reveals how five Chinese APT groups targeted Linux servers, Windows systems, and mobile devices running Android in a prolonged cross-platform attack.

    Researchers said that they are confident that the APT groups "are likely comprised of civilian contractors working in the interest of the Chinese government who readily share tools, techniques, infrastructure, and targeting information with one another and their government counterparts."

Not blaming just "Linux"

  • BlackBerry uncovers hacker tools that it says opened data servers for a decade

    It says the tactics give the hackers the ability to extract information from huge amounts of valuable data from computers using the Linux operating system, which is used on most of the world’s web servers and cloud servers.

    [...]

    But, he said, BlackBerry asserts that the security industry has missed a major component of tactics used by a well-established hacker umbrella group known as WINNTI, which the company says works with China’s government.

    “As an industry, we’ve tended to focus too much on Windows-based devices because they make up the lion’s share of the devices out there,” Cornelius said.

    “But the adversaries are determined and dedicated and . . . they find any opportunity and, in this case, we’ve called out some really novel techniques they’ve used against Linux and even the Android operating system to accomplish their goals.”

    Cornelius said the point of these China-backed hacking campaigns is to exfiltrate, or steal, information that the United States has claimed is worth “multiple billions of dollars” in intellectual property.

More of this and beyond

Dark Nexus: evolving IoT botnet targets variety of devices

  • Dark Nexus: evolving IoT botnet targets variety of devices

    Security researchers are tracking a new botnet that has been in rapid development for the past several months and targets embedded devices with binaries that are cross-compiled for 12 CPU architectures.

    According to a new report from security vendor Bitdefender, the Dark Nexus botnet borrows ideas and features from previously successful IoT threats like Qbot and Mirai, but is largely an original creation by an established malware developer who advertises distributed denial-of-service (DDoS) services on YouTube and other social media websites.

    The bot client is cross-compiled for 12 CPU architectures, which means it can infect a wide variety of devices including routers, digital video recorders (DVRs) and surveillance cameras. Recent versions also deploy a SOCKSv5 proxy on the compromised systems, allowing hackers to tunnel malicious traffic through them in addition to abusing them in DDoS attacks.

More on BlackBerry

  • BlackBerry uncovers China-backed hacking campaign on Linux servers

    BlackBerry Ltd. says it has uncovered how China-backed hackers have been able to extract data from many of the world’s servers for a decade without being noticed.

    BlackBerry executive Eric Cornelius says the hackers have been skilful in disguising some of their software tools to appear like advertising software that poses a low-level security risk.

  • APTs infiltrated Linux servers undetected for nearly 10 years

    New research from BlackBerry painted a bleak picture for Linux security.

    BlackBerry on Tuesday published a report called "Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android" that showcased how five related advanced persistent threat (APT) groups connected to the Chinese government have targeted Linux, Windows and Android devices for years.

Want to stay under the radar for a decade or more?

  • Want to stay under the radar for a decade or more? This Chinese hacking crew did it... by aiming for Linux servers

    A group of hackers operating as an offshoot of China's Winnti group managed to stay undetected for more than a decade by going open source.

    A report from BlackBerry outlines how the group, actually a collection of five smaller crews of hackers thought to be state-sponsored, assembled in the wake of Winnti and exploited Linux servers, plus the occasional Windows Server box and mobile device, for years.

    "The APT groups examined in this report have traditionally pursued different objectives and focused on a wide array of targets," BlackBerry noted.


More in Tux Machines

Python Programming

  • The PEPs of Python 3.9

    With the release of Python 3.9.0b1, the first of four planned betas for the development cycle, Python 3.9 is now feature-complete. There is still plenty to do in terms of testing and stabilization before the October final release. The release announcement lists a half-dozen Python Enhancement Proposals (PEPs) that were accepted for 3.9. We have looked at some of those PEPs along the way; there are some updates on those. It seems like a good time to fill in some of the gaps on what will be coming in Python 3.9.

  • How to Write an Installable Django App

    In the Django framework, a project refers to the collection of configuration files and code for a particular website. Django groups business logic into what it calls apps, which are the modules of the Django framework. There’s plenty of documentation on how to structure your projects and the apps within them, but when it comes time to package an installable Django app, information is harder to find. In this tutorial, you’ll learn how to take an app out of a Django project and package it so that it’s installable. Once you’ve packaged your app, you can share it on PyPI so that others can fetch it through pip install.

  • Pros and Cons of Python: A Definitive Python Web Development Guide

    Python is a powerful programming language for mobile and web development projects. It is also the most popular programming language for AI in 2020. RedI Python development’s use cases in scientific computing, statistics, and education make it one of the highly preferred programming languages for Python programmers. The open-source programming language launched in 1992 is now on the verge of becoming the most popular and used programming language. Due to the rise in demand for AI and ML applications, Python web programming is now the first thing that comes to mind for coding such applications. But is Python for web development even worth it? It definitely is. Some of the top companies use Python web programming in their technology stack.

Fedora 32 Elections

mesa 20.1.0

Hi all,

I'd like to announce Mesa 20.1.0, the first release for the 20.1 branch.

Being the first release of this new branch, there can be issues that
will be discovered now that the new code will be widely used, so you may
want to stay on the 20.0.x releases until the 20.1.1 release, scheduled
for 14 days from now on 2020-06-10.

One already known issue that I want to point out is that Unreal Engine 4
has a bug in its usage of glDrawRangeElements() causing it to be
called with a number of vertices in place of the `end` parameter,
that was recently revealed. This is an annoying bug that we haven't
worked around yet. For more details:
https://gitlab.freedesktop.org/mesa/mesa/-/issues/2917

Eric

---

Andrii Simiklit (1):
      i965/vec4: Ignore swizzle of VGRF for use by var_range_end()

Bas Nieuwenhuizen (4):
      radv/winsys:  Remove extra sizeof multiply.
      radv: Handle failing to create .cache dir.
      radv: Do not close fd -1 when NULL-winsys creation fails.
      radv: Implement vkGetSwapchainGrallocUsage2ANDROID.

D Scott Phillips (1):
      anv/gen11+: Disable object level preemption

Danylo Piliaiev (3):
      meson: Disable GCC's dead store elimination for memory zeroing custom new
      mesa: Fix double-lock of Shared->FrameBuffers and usage of wrong mutex
      intel/fs: Work around dual-source blending hangs in combination with SIMD16

Dave Airlie (1):
      llvmpipe: compute shaders work better with all the threads.

Eric Engestrom (4):
      .pick_status.json: Update to a91306677c613ba7511b764b3decc9db42b24de1
      tree-wide: fix deprecated GitLab URLs
      docs: Add release notes for 20.1.0
      VERSION: bump to 20.1.0 release

Erik Faye-Lund (1):
      zink: use general-layout when blitting to/from same resource

Gert Wollny (1):
      r600: Fix duplicated subexpression in r600_asm.c

Hanno Böck (1):
      Properly check mmap return value

Icecream95 (1):
      panfrost: Fix background showing when using discard

Jason Ekstrand (3):
      nir/lower_double_ops: Rework the if (progress) tree
      nir/opt_deref: Report progress if we remove a deref
      nir/copy_prop_vars: Record progress in more places

Kristian Høgsberg (1):
      freedreno: Use the right amount of &'s

Nataraj Deshpande (1):
      dri_util: Update internal_format to GL_RGB8 for MESA_FORMAT_R8G8B8X8_UNORM

Pierre-Eric Pelloux-Prayer (1):
      amd/addrlib: fix forgotten char -> enum conversions

Rhys Perry (1):
      nir: fix lowering to scratch with boolean access

Rob Clark (1):
      freedreno: clear last_fence after resource tracking

Samuel Pitoiset (2):
      radv: handle different Vulkan API versions correctly
      radv: update the list of allowed Android extensions

Timothy Arceri (2):
      glsl: stop cascading errors if process_parameters() fails
      glsl: fix slow linking of uniforms in the nir linker

Vinson Lee (3):
      r600/sfn: Initialize VertexStageExportForGS m_num_clip_dist member variable.
      r600/sfn: Use correct setter method.
      freedreno: Add missing va_end.

git tag: mesa-20.1.0
Also: Mesa 20.1 Released With Numerous Linux Graphics Driver Improvements

Android Mirroring App ‘Scrcpy’ Just Added a Bunch of New Features

If you read this blog regularly enough you’ll be familiar with scrcpy, an ace root-free way to mirror your Android smartphone on your Ubuntu desktop and interact with it. Scrcpy is free, it’s open source, it’s awesome. Oh yeah, and it’s updated regularly! Which is what this post is about: telling you what’s new and notable in the latest release, scrcpy 1.14 — so let’s get to it!