
Finding Vulnerable Open Source Packages

Finding Vulnerable Packages

Now that you understand what a known vulnerability is, let’s start going through the four steps needed to address them: find, fix, prevent, and respond.

The first step in solving any problem is acknowledging you have one! And so, with vulnerable packages, your first act should be to look for vulnerable packages your application is consuming. This chapter discusses how to test your application, when and how you should run such a test, and the nuances in running the test and interpreting the results.

Taxonomy

Before you start testing, let’s first discuss what you should anticipate seeing in the results.

Read more at O’Reilly

How to Install Tripwire IDS (Intrusion Detection System) on Linux

Tripwire is a popular Linux Intrusion Detection System (IDS) that runs on systems in order to detect if unauthorized filesystem changes occurred over time.

In CentOS and RHEL distributions, tripwire is not part of the official repositories. However, the tripwire package can be installed from the EPEL repositories.

To begin, install the EPEL repositories on your CentOS or RHEL system by issuing the command below.

# yum install epel-release

After you’ve installed Epel repositories, make sure you update the system with the following command.

Read more at Tecmint

Patricia Florissi, Antony Passemard, Jon Corbet to Keynote at ELC + OpenIoT Summit North America

The schedule is now live for Embedded Linux Conference + OpenIoT Summit North America 2018.

Embedded Linux Conference (ELC) is where the world’s leading engineers and developers gather to learn about the newest embedded technologies, engage in important discussions, collaborate with peers, and gain a competitive advantage with innovative embedded Linux solutions.

OpenIoT Summit is a technical conference for system architects, firmware developers and software developers, helping to advance successful IoT developments and progress the development of industrial IoT solutions.


Keynote speakers include:

  • Massimo Banzi, Co-Founder, Arduino Project

  • Tim Bird, Senior Software Engineer, Sony Electronics

  • Amber Case, Author and Fellow at Harvard’s Berkman Klein Center

  • Jonathan Corbet, Author, Kernel Developer and Executive Editor of LWN.net

  • Philip DesAutels, PhD, Senior Director of IoT, The Linux Foundation

  • Patricia Florissi, VP & Global CTO for Sales, Dell EMC

  • Antony Passemard, Product Management Lead – Cloud IoT, Google

  • Imad Sousou, Vice President, Software and Services Group & General Manager, Intel Open Source Technology Center, Intel Corporation

  • Kate Stewart, Senior Director of Strategic Programs, The Linux Foundation

  • Daniel Wilson, Roboticist and Author

Featured Sessions:

  • What Every Driver Developer Should Know about RT – Julia Cartwright, National Instruments

  • The Salmon Diet: Up-Streaming Drivers as a Form of Optimization – Gilad Ben-Yossef, Arm

  • Not Really, but Kind of Real Time Linux – Sandra Capri, Ambient Sensors

  • An Introduction to Asymmetric Multiprocessing: When this Architecture can be a Game Changer and How to Survive It – Nicola La Gloria & Laura Nao, Kynetics

  • Using Microservices to Create a Flexible IoT Software Platform – Jim White, Dell

  • Building an Open Source Stack for IoT Analytics – Fangjin Yang, Imply

  • Mixed Critical IoT Edge Systems through Virtualization – Michele Paolino, Virtual Open Systems


Join experts from the world’s leading companies and open source projects for 100+ sessions as they present the information needed to lead successful IoT developments, progress the development of IoT solutions, and learn about the newest embedded technologies and innovative embedded Linux solutions.

Early bird pricing closes in 3 days. Register before January 28 and save $300!


Keep Accurate Time on Linux with NTP

How to keep the correct time and keep your computers synchronized without abusing time servers, using NTP and systemd.

What Time is It?

Linux is funky when it comes to telling the time. You might think that the time command tells the time, but it doesn’t, because it is a timer that measures how long a process runs. To get the time, you run the date command, and to view more than one date, you use cal. Timestamps on files are also a source of confusion, as they are typically displayed in two different ways, depending on your distro defaults. This example is from Ubuntu 16.04 LTS:

$ ls -l
drwxrwxr-x 5 carla carla   4096 Mar 27  2017 stuff
drwxrwxr-x 2 carla carla   4096 Dec  8 11:32 things
-rw-rw-r-- 1 carla carla 626052 Nov 21 12:07 fatpdf.pdf
-rw-rw-r-- 1 carla carla   2781 Apr 18  2017 oddlots.txt

Some display the year, some display the time, which makes ordering your files rather a mess. The GNU default is that files dated within the last six months display the time instead of the year. I suppose there is a reason for this. If your Linux does this, try ls -l --time-style=long-iso to display the timestamps all the same way, sorted alphabetically. See How to Change the Linux Date and Time: Simple Commands to learn all manner of fascinating ways to manage the time on Linux.

Check Current Settings

NTP, the network time protocol, is the old-fashioned way of keeping correct time on computers. ntpd, the NTP daemon, periodically queries a public time server and adjusts your system time as needed. It’s a simple lightweight protocol that is easy to set up for basic use. Systemd has barged into NTP territory with the systemd-timesyncd.service, which acts as a client to ntpd.

Before messing with NTP, let’s take a minute to check that current time settings are correct.

There are (at least) two timekeepers on your system: system time, which is managed by the Linux kernel, and the hardware clock on your motherboard, which is also called the real-time clock (RTC). When you enter your system BIOS, you see the hardware clock time and you can change its settings. When you install a new Linux, and in some graphical time managers, you are asked if you want your RTC set to the UTC (Coordinated Universal Time) zone. It should be set to UTC, because all time zone and daylight saving time calculations are based on UTC. Use the hwclock command to check:

$ sudo hwclock --debug
hwclock from util-linux 2.27.1
Using the /dev interface to the clock.
Hardware clock is on UTC time
Assuming hardware clock is kept in UTC time.
Waiting for clock tick...
...got clock tick
Time read from Hardware Clock: 2018/01/22 22:14:31
Hw clock time : 2018/01/22 22:14:31 = 1516659271 seconds since 1969
Time since last adjustment is 1516659271 seconds
Calculated Hardware Clock drift is 0.000000 seconds
Mon 22 Jan 2018 02:14:30 PM PST  .202760 seconds

“Hardware clock is kept in UTC time” confirms that your RTC is on UTC, even though it translates the time to your local time. If it were set to local time it would report “Hardware clock is kept in local time.”

You should have a /etc/adjtime file. If you don’t, sync your RTC to system time:

$ sudo hwclock -w

This should generate the file, and the contents should look like this example:

$ cat /etc/adjtime
0.000000 1516661953 0.000000
1516661953
UTC

The new-fangled systemd way is to run timedatectl, which does not need root permissions:

$ timedatectl
      Local time: Mon 2018-01-22 14:17:51 PST
  Universal time: Mon 2018-01-22 22:17:51 UTC
        RTC time: Mon 2018-01-22 22:17:51
       Time zone: America/Los_Angeles (PST, -0800)
 Network time on: yes
NTP synchronized: yes
 RTC in local TZ: no

“RTC in local TZ: no” confirms that it is on UTC time. What if it is on local time? There are, as always, multiple ways to change it. The easy way is with a nice graphical configuration tool, like YaST in openSUSE. You can use timedatectl:

$ timedatectl set-local-rtc 0

Or edit /etc/adjtime, replacing LOCAL with UTC on the third line of the file.

systemd-timesyncd Client

Now I’m tired, and we’ve just gotten to the good part. Who knew timekeeping was so complex? We haven’t even scratched the surface; read man 8 hwclock to get an idea of how time is kept on computers.

Systemd provides the systemd-timesyncd.service client, which queries remote time servers and adjusts your system time. Configure your servers in /etc/systemd/timesyncd.conf. Most Linux distributions provide a default configuration that points to time servers that they maintain, like Fedora:

[Time]
#NTP=
#FallbackNTP=0.fedora.pool.ntp.org  1.fedora.pool.ntp.org

You may enter any other servers you desire, such as your own local NTP server, on the NTP= line in a space-delimited list. (Remember to uncomment this line.) Anything you put on the NTP= line overrides the fallback.

What if you are not using systemd? Then you need only NTP.

Setting up NTP Server and Client

It is a good practice to set up your own LAN NTP server, so that you are not pummeling public NTP servers from all of your computers. On most Linuxes NTP comes in the ntp package, and most of them provide /etc/ntp.conf to configure the service. Consult NTP Pool Time Servers to find the NTP server pool that is appropriate for your region. Then enter 4-5 servers in your /etc/ntp.conf file, with each server on its own line:

driftfile   /var/ntp.drift
logfile     /var/log/ntp.log
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org

The driftfile tells ntpd where to store the information it needs to quickly synchronize your system clock with the time servers at startup, and your logs should have their own home instead of getting dumped into the syslog. Use your Linux distribution defaults for these files if it provides them.

Now start the daemon; on most Linuxes this is sudo systemctl start ntpd. Let it run for a few minutes, then check its status:

$ ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================
+dev.smatwebdesi 192.168.194.89   3 u   25   64   37   92.456   -6.395  18.530
*chl.la          127.67.113.92    2 u   23   64   37   75.175    8.820   8.230
+four0.fairy.mat 35.73.197.144    2 u   22   64   37  116.272  -10.033  40.151
-195.21.152.161  195.66.241.2     2 u   27   64   37  107.559    1.822  27.346

I have no idea what any of that means, other than your daemon is talking to the remote time servers, and that is what you want. To permanently enable it, run sudo systemctl enable ntpd. If your Linux doesn’t use systemd then it is your homework to figure out how to run ntpd.
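One way to make that table readable, as an added example that is not part of the original article: parse the rows of ntpq -p and decode the tally character and the octal reach register. The sample text is the output shown above; the 128 ms figure is ntpd's default step threshold and is an assumption about the daemon's configuration.

```python
# Added example (not the article's code): decode the `ntpq -p` table above.
TALLY = {  # first column: ntpd's selection status for that peer
    "*": "system peer (the clock is steered to this server)",
    "+": "candidate (survived selection, combined with the system peer)",
    "-": "outlier (discarded by the clustering algorithm)",
    " ": "rejected (unreachable or failed sanity checks)",
}
STEP_THRESHOLD_MS = 128.0  # ntpd default: steps the clock past this, slews below it
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================
+dev.smatwebdesi 192.168.194.89   3 u   25   64   37   92.456   -6.395  18.530
*chl.la          127.67.113.92    2 u   23   64   37   75.175    8.820   8.230
+four0.fairy.mat 35.73.197.144    2 u   22   64   37  116.272  -10.033  40.151
-195.21.152.161  195.66.241.2     2 u   27   64   37  107.559    1.822  27.346
"""
def parse_ntpq(text):
    """Parse `ntpq -p` output into one dict per peer row."""
    peers = []
    for line in text.splitlines()[2:]:  # skip the header and separator rows
        if not line.strip():
            continue
        tally, fields = line[0], line[1:].split()
        remote, refid, st, _t, _when, poll, reach, _delay, offset, jitter = fields
        reach_bits = int(reach, 8)  # octal shift register, one bit per poll
        peers.append({
            "remote": remote, "refid": refid, "stratum": int(st),
            "tally": tally, "role": TALLY.get(tally, "unknown"),
            "poll_s": int(poll),
            "polls_answered": bin(reach_bits).count("1"),  # out of the last 8
            "offset_ms": float(offset), "jitter_ms": float(jitter),
        })
    return peers

def system_peer(peers):
    """Name of the peer ntpd is synchronized to, or None if not yet synced."""
    return next((p["remote"] for p in peers if p["tally"] == "*"), None)

def warnings(peers):
    """Conditions worth a look before trusting this clock."""
    out = []
    if system_peer(peers) is None:
        out.append("no system peer yet: ntpd is not synchronized")
    for p in peers:
        if p["polls_answered"] < 8:
            out.append(f"{p['remote']}: {p['polls_answered']}/8 recent polls answered")
        if abs(p["offset_ms"]) > STEP_THRESHOLD_MS:
            out.append(f"{p['remote']}: offset {p['offset_ms']} ms exceeds step threshold")
    return out
```

In the sample, reach 37 (octal) is 11111 in binary: the daemon has only been up for five poll intervals, so every peer is flagged until the register fills, and chl.la is the peer the clock is actually being steered to.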

Now you can set up systemd-timesyncd on your other LAN hosts to use your local NTP server, or install NTP on them and enter your local server in their /etc/ntp.conf files.

NTP servers take a beating, and demand continually increases. You can help by running your own public NTP server. Come back next week to learn how.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

8 Unusual IT Interview Questions and Approaches: CIOs Share

We asked IT and business leaders to share their tips for bringing out these and other key qualities during interviews. Read on for their unique and interesting interview questions and strategies – and what the responses help them discern about candidates. And if you’re a job seeker: Learn and get ready for these strategies.

Jonathan Feldman, CIO, City of Asheville, N.C. 

“I am a hater of the weird question. I regret using weird questions in the past, because I want people to be comfortable.” 

“I like to ask ‘What do you do for fun?’ That accomplishes two things: First, I like to see that there are multiple dimensions to the candidate. It also shows the candidate I am genuinely interested in the whole person. 

Read more at The Enterprisers Project

Hands-on Test of Windows Subsystem for Linux

If you don’t want to do without the main advantages of Linux on the Windows platform, the Windows Subsystem for Linux offers another option. We delve into the depths of the Linux underworld and explain how you can optimize the subsystem.

The new Linux subsystem [1] has been around since the Windows 10 Creators Update; according to Microsoft, it can get by without a resource-consuming virtual machine (VM) and configuration. It is also said to offer a more native Linux feeling than the previous Cygwin [2] Linux environment. Linux users have used Cygwin on Windows for years, for example, to automate processes with shell scripts (e.g., mass Git checkouts), but it does mean recompiling Linux programs for Windows.

A look at the subsystem is worthwhile because of the surprisingly lightweight, process-based virtualization concept that just might catch on. In this article, I explain the limitations of the subsystem compared with native Linux and Cygwin, and I offer a number of customization tips that help make the subsystem fit for everyday use.

Read more at ADMIN

Announcing the Availability of Kubernetes 1.9.1 Certified Kubernetes Administrator (CKA) Exam

This third release of the CKA exam demonstrates CNCF’s ongoing commitment to grow the Kubernetes ecosystem by ensuring that developers and operations can demonstrate their skills with the latest version of Kubernetes. The latest CKA exam maps to the latest Kubernetes 1.9.1 release published last month. A number of bugs and inconsistencies in earlier versions have now been eliminated.

The online exam takes three hours to complete and consists of a set of performance-based items (problems) to be solved in a command line running Version 1.9.1. The Certification focuses on the skills required to be a successful Kubernetes Administrator.

Read more at CNCF

Oculus Creates a New, Open Source Unit of Time to Measure Frame Rates

Of all the things we expected to come out of the rise of Oculus and the still-burgeoning era of consumer virtual reality, a new fundamental unit of time was not one of them. But that’s just what Oculus and Facebook have rolled out this week in the form of the flick, a new definition that subdivides a single second into precisely 705,600,000 parts.

If you use common time units like the millisecond or nanosecond to measure how long a single frame of video appears on screen, you’re often left with a fractional remainder rather than a clean, whole integer. This can be a problem in programming and visual effects, where rounding and/or floating point representations can lead to slight imprecision or desynchronization over time. Delivering video frames with perfect timing is also pretty important to delivering a comfortable VR experience.

Read more at Ars Technica


Linux and Intel Slowly Hack Their Way to a Spectre Patch

Spectre and Meltdown are major design flaws in modern CPUs. While they’re present in almost all recent processors, because Intel chips are so widely used, Intel is taking most of the heat for these bugs. Nowhere has the criticism been hotter than on the Linux Kernel Mailing List (LKML). That’s because, unlike Apple and Microsoft operating system developers and OEMs like Dell and HP, Linux programmers do their work in the open. But when Linux and Intel developers aren’t arguing, they are making progress.

Read more at ZDNet

Linux Foundation Combines 6 Networking Projects Into 1

Six Linux Foundation open source networking projects are combining into one new project known as the LF Networking Fund (LFN). The six initial projects are ONAP, OPNFV, OpenDaylight, FD.io, PNDA, and SNAS.

Arpit Joshipura will serve as executive director of LFN for the Linux Foundation. Joshipura’s previous title had been general manager of networking and orchestration at the Linux Foundation. “We are going horizontal,” said Joshipura. “I will be driving the general business management of LFN.”

Read more at SDx Central