software development, security, opinion
Archive for the ‘LINKS’ Category.
Lighthouse: Web project? Buy this book.
Yes, he makes the standard noises about Web project management’s unique challenges. But he also borrows extensively from the wisdom and rigour which software project managers have developed over the past third of a century. [Tomalak’s Realm]
ICEPick is an “open source peer to peer system designed to enable cross web site authentication and personalization services.” [Scripting News]
Like HailStorm, but open; no payment scheme either.
U.S. Navy:
Secure Windows NT 4.0 Installation and Configuration Guide (paper) [Security Focus]:
The objective of this project is to provide the Navy with clear and concise implementation guidance for the secure installation and configuration of the Windows NT 4.0 Server and Workstation Operating Systems. This guidance is based on the Navy IT-21 standard and is specific to the Naval Tactical Command Support System (NTCSS) and Joint Maritime Command Information System (JMCIS) local area network (LAN) architectures.
This guide covers pre-installation, server and workstation OS installation, and post-installation steps for securing a Windows NT domain. The post-installation portion includes instructions for C2 configuration, auditing, securing the registry, managing the file system, creating system policies and user profiles, controlling user accounts and rights, maintaining system repair data, and installing current service packs and hotfixes.
Two RFCs on Blocks. The Internet Engineering Task Force (IETF) has published The Blocks Extensible Exchange Protocol Core (RFC 3080) and Mapping the BEEP Core onto TCP (RFC 3081), describing an XML-based protocol layered directly on TCP/IP. [xmlhack]
SANS:
Lion is a new worm, that is very similar to the Ramen worm. However, this worm is much more dangerous and should be taken seriously. It infects Linux machines with the BIND DNS server running. It is known to infect bind version(s) 8.2, 8.2-P1, 8.2.1, 8.2.2-Px, and all 8.2.3-betas. The bind vulnerability is the TSIG vulnerability that was reported back on January 29, 2001.
The Lion worm spread via an application called randb. randb scans random class B networks probing TCP port 53. Once it hits a system, it then checks to see if that system is vulnerable. If so it then exploits the system using the exploit called name. It then installs the t0rn rootkit.
UC2010: A New Business Architecture for the University of California:
Unprecedented growth and an increasingly complex regulatory environment demand a new approach to the University’s core business processes and structure. The New Business Architecture will enable the University to manage growth, control costs, improve the work environment and implement best business practices.
The report presented on this site outlines six general strategies that will allow the University to achieve these objectives and concludes with a summary of recommendations and a timeline for their implementation.
Bastille Linux 1.2.0.pre20 (Testing Releases). A comprehensive hardening program for Redhat Linux 6.0. [freshmeat.net]
developerWorks: Linux hardware stability guide, Part 1 [Zope Newbie News]
Mostly about flaky CPUs and memory
You are currently browsing the archives for the LINKS category.
