Using static passwords for authentication, as it is commonly done, has quite a few security drawbacks: passwords can be guessed, forgotten, written down and stolen, eavesdropped or deliberately being told to other people. A better, more secure way of authentication is the so called "two-factor" or "strong authentication" based on one time passwords. Instead of authenticating with a simple password, each user carries a device ("token") to generate passwords that are valid only one time.
client for: Standard phone and BlackBerry (J2ME) iPhone Google Android Windows Phone 7 PalmOS webOS Maemo Openmoko Universal Web App Windows Linux MacOS
Server-Side: Mobile-OTP Authentication Server (MOTP-AS) Full blown RADIUS server specifically for Mobile-OTP. include: - authenticating users by RADIUS (and optionally PAM or Apache) - SQL database for user/device configuration - Administration Web Interface
Open Monitoring Distribution – Wiki – OMD – Welcome to OMD – the Open Monitoring Distribution. OMD implements a completely new concept of how to install, maintain and update a monitoring system built on Nagios.
OMD avoids the tedious work of manually compiling and integrating Nagios addons while at the same time avoiding the problems of pre-packaged installations coming with your Linux distribution, which are most times outdated and provide no regular updates.
OMD bundles Nagios together with many important addons and can easily be installed on every major Linux distribution. We provide prebuilt packages for all enterprise Linux distributions and also for some other, such as Ubuntu 11.04.
Squid kerberos authentication and ldap authorization in Active Directory « Klaubert’s Blog – The squid web cache include a authenticator for kerberos, it is simple to use, but the documentation is not very clear about how to make it work. Below some steps use by me to make Squid 3.0 Stable1 and Squid 2.6 Stable17 authenticate against Active Directory (Windows 2003 Directory Service) and also to make it make the authorization using Ldap. This setup was not used in production environment yet, so its possible to had some problems not seen by me or scalabilities issues.
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, RSPAN, ERSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
21 Ruby Tricks You Should Be Using In Your Own Code – 2009 Update: This post was written in early 2008 and looking back on it, there are a couple of tricks that I wouldn't recommend anymore – or to which extra warnings need to be added. I've added paragraphs like this where necessary. Enjoy!
These are my links for 4 nov 2011 from 16:39 to 16:41:
What is FreeIPA? – FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 (formerly known as Fedora Directory Server), MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools. In IPA v2 we added DNS and Dogtag Certificate Server, enhanced administrative framework, added support for host identities, netgroups, automount per location and more.
FreeIPA and Samba 3 Integration – techslaves.org – FreeIPA makes a pretty excellent backend for Samba 3. While all the information one needs to set this up is available online, I wasn’t able to find it all in one location so I’ve decided to try my best at filling that gap here on techslaves.org. Hopefully this short guide will aid those trying to piece together the various parts necessary to integrate FreeIPA v2 and Samba 3, at least until FreeIPA v3 where there is talk of enabling Samba integration with a simple command line argument to the “ipa-server-install” script.
Time Navigator HA Cluster Agent Configuration – techslaves.org – I’ve been wanting to post about a configuration that allows for seamless file-level backup of storage attached to an active/passive high availability cluster in an uninterrupted fashion using Atempo’s Time Navigator and I’m finally going to do it.
These are my links for 18 gen 2010 from 17:06 to 23:41:
Samba e Active Directory .:. PippoFante.it – Unire una macchina Linux (*BSD, Solaris, …) a un dominio (Active Directory) Windows talvolta è comodo, talvolta è utile, talvolta è necessario. Per ottenere questo risultato si usa Samba.
Squid e autenticazione su Active Directory .:. PippoFante.it – È giunto il momento di rifare il proxy aziendale – ovviamente Squid – e con l'occasione cambio il metodo di autenticazione appoggiandomi al dominio: una password in meno per gli utenti e controllo più centralizzato. Le condizioni al contorno sono sempre quelle: Debian come guest su VMware ESX così aumentiamo la percentuale di virtualizzazione con tutti i pro (ma anche i contro).