eWeek offers up this opinion: “This is a critical moment for Linux. The combination of Linus Torvalds setting overall direction and LSB filling in the fine print will keep Linux together. But sans LSB, there is danger of fragmentation.”

This is old news if you read NewsForge or Linux.com, but ZDNet is reporting what we did last week, that walmart.com is starting to carry PCs loaded with LindowsOS.

Anonymous Reader writes: Covalent Technologies today announced its Covalent FTP Server has been optimized for enterprise customers, delivering a complete server solution for companies relying on the File Transfer Protocol (FTP) to exchange large amounts of data. Based on Apache 2.0, Covalent FTP Server delivers a higher level of security as well as easier integration and better performance than other standard FTP servers.
While large companies frequently use FTP as the primary method for large file serving and reliable data transfer, standard FTP servers typically do not meet enterprise requirements for integration, security, and performance. Covalent Technologies has developed a robust FTP server purpose-built for enterprise deployments that meets these advanced conditions. Its chief benefit is the ability for companies to conduct encrypted transactions, ensuring the highest level of security.

Benefits of Shared Infrastructure
Currently, many IT departments are forced to build redundant infrastructure components, such as authorization, authentication and logging, for both HTTP and FTP traffic. Covalent FTP leverages the advanced capabilities of the Apache 2.0 module architecture found in Covalent Enterprise Ready Server. In this model, content serving protocols are ?plugged into? Apache?s core processing and share infrastructure components. As a result, multiple protocols can be delivered from the same server instance while sharing authentication, authorization, logging, and programming API modules. Covalent has developed the technology to serve FTP, secure FTP, HTTP, and HTTPS from a single Apache instance.

Enterprise Standards
Enterprise file transfer systems demand additional requirements that extend beyond traditional FTP server capabilities. These common requirements fall into three categories — security, integration and performance — and are addressed by Covalent FTP:

Security

Covalent FTP does not carry the same added complexities and vulnerabilities of traditional FTP servers or SSL tunneling implementations. Covalent FTP utilizes the Apache 2.0 framework to leverage secure authorization, digital certificates (X.509) and SSL/TLS encryption security.

Covalent FTP secures the file transfer over the data connection using Secure Socket Layer security using Covalent SSL.

Integration
Covalent integrates with popular FTP clients that support both plain text FTP and FTP over SSL, such as CuteFTP and WSFTP Pro. Many users are already familiar with the functionality of these clients and do not need to learn a new application. Also, this removes the desktop support nightmares that exist whenever installing a new client into a large enterprise environment.

Performance
Covalent FTP is built atop the advanced processing architecture of Apache 2.0. In this model, administrators have the flexibility of running the FTP process in a pre-forked or threaded mode. Performance can be fine-tuned for the specific implementation using standard Apache syntax. Both the pre-forked and threaded processing options serve connections from a pool of workers. This is a solution with superior performance compared to FTP processes started from “inetd” or FTP servers that spawn a process for each incoming request.

Since Covalent FTP is an Apache-based server, it also inherits the scaling and stability that has made Apache the world?s most dominant server. As a result, Covalent FTP has no problem transmitting large files or handling numerous file requests.

Platforms and Availability
Covalent FTP Server ships on Solaris, Linux, HPUX and Windows. Pricing is available by calling Covalent’s direct sales force at 800/444-1935. More information can be found at Covalent?s web site at www.covalent.net.

About Covalent Technologies, Inc.
Covalent is the leading provider of enterprise management solutions for Web server software. Founded in 1998, Covalent has developed a comprehensive Web infrastructure solution offering enhanced security, reliability and manageability. Funded by leading venture capital investors including Sequoia Capital, Menlo Ventures and Granite Ventures, Covalent is the only company offering a comprehensive suite of products, services and support for Apache. Companies such as Lucent Technologies, Dow Jones and others depend on Covalent for their Web Server infrastructure. More information about the company can be found at www.covalent.net.

LinuxSecurity Contributors write: “While testing for Oracle vulnerabilities, Mark Litchfield discovered a denial of service attack for Apache on Windows. Investigation by the Apache Software Foundation showed that this issue has a wider scope, which on some platforms results in a denial of service vulnerability, while on some other platforms presents a potential a remote exploit vulnerability.”
http://www.linuxsecurity.com/articles/server_secur ity_article-5150.html.

Slashdot has a link to a column by Joel Spolsky talking about why some companies are switching to Open Source. “I noticed something interesting about open source software, which is this: most of the companies spending big money to develop open source software are doing it because it’s a good business strategy for them, not because they suddenly stopped believing in capitalism and fell in love with freedom-as-in-speech.”

LinuxSecurity Contributors write: “This week, perhaps the most interesting articles include ‘Securing Linux Servers and Desktops,’ ‘The Solution to Spam: Reverse Filtering,’ ‘Security firms tout savings, not safety,’ and ‘Developing an Effective Incident Cost Analysis Mechanism.’ ”
http://www.linuxsecurity.com/articles/forums_artic le-5143.html.

IBM Research has demonstrated the
industry’s first self- diagnostic tool that can automatically monitor
802.11 wireless networks and report security problems in real-time. The
Distributed Wireless Security Auditor (DWSA), which runs on desktop and
laptop computers, can monitor wireless network security and report to the
central back-end servers minute by minute, 24 hours a day, seven days a
week.
IBM researchers introduced its first version, the Wireless Security Auditor
(WSA) last summer, which runs on a small wireless PDA running Linux. IBM
Global Services quickly developed a specific services offering that deploys
software tools, including the WSA, to help customers safeguard and perform
risk assessments of their wireless networks. Researchers have now
extended the tool, making it more autonomic by adding self-sensor and
self-diagnosis features. Running as a lightweight process on wireless
clients in an enterprise, DWSA can quickly report wireless infrastructure
security issues to system administrators.

“As 802.11 wireless networks have become more popular, their security has
to be checked frequently to ensure they are still secure,” says Dave
Safford, manager of Global Security Analysis Lab at IBM Research. “Our
self-diagnostic tool takes advantage of the many wireless clients already
out there by having them continuously monitoring the security of the
wireless network and reporting anomalies to a central server, all without
human intervention.”

The DWSA system, which runs on Linux on desktops and laptops, can
accurately pinpoint the location of any rogue access points, enabling
network personnel to quickly find and then fix or remove them, unlike other
wireless auditors that require personnel to perform time consuming physical
searches by walking around the site. DWSA locates rogue access points
based on signal strength measurements by the wireless hardware on the
distributed clients. The signal strengths vary with the distance from the
rogue, and can be used to estimate the actual distance. As long as at least
three client machines report the signal strength of the rogue, their
reports can be used by the system to calculate the access point location
using the estimated ranges and simple geometry. The Windows version will
be ready shortly.

Existing security for 802.11 wireless consists of two subsystems: a data
encryption technique called Wired Equivalent Privacy (WEP) and an
authentication method, either Shared Key or 802.1x. Both the encryption
and authentication are optional, and wireless access points are typically
shipped with both turned off. Wireless network security needs to be
checked frequently since employees can easily add new wireless devices,
which may become easy access points for hackers. This tool allows system
administrators at the central location to find what access points exist and
examine their configuration remotely so that they can take proper steps to
keep the wireless network secure.

DWSA acts as an extension of IBM’s security consulting team by continuously
monitoring customers’ wireless systems so they can enjoy the benefits of
wireless technology with the security of wireline computing. In addition,
a new wireless risk assessment offered by IBM Global Services for WLANs
uses a combination of tools, techniques and methodology to help customers
evaluate their security posture. As part of a full family of wireless
services, the Wireless Security Auditor for LANs is used by IBM
consultants to detect wireless access points that do not have the
appropriate security. A set of recommendations are sent to the customer,
as well as a proposal to address security issues detected. These
recommendations go beyond the simple technology and cover processes and
security policies as well.

IBM Tivoli Risk Manager continues to expand on its vulnerability management
capabilities by extending its support to wireless network vulnerability
management based on the DWSA. IBM Tivoli Risk Manager monitors output of
the DWSA and other security checkpoints giving administrators a complete
view of e-business security exposures, intrusions and wireless network
vulnerability.

The wireless security tool was developed in collaboration with the IBM
Personal Computing Division, which is investigating the potential of
including it on future ThinkPad models. ThinkPads are already equipped with
built-in 802.11b wireless networking capability.

For further information on DWSA, visit to www.research.ibm.com/gsal/dwsa.
Further information on IBM Research can be found at: www.ibm.com/research.

WashingtonPost.com comments on the new Mozilla. The author notes that Mozilla blocks pop-up ads, and “you don’t need to dislike Microsoft to like Mozlla.”

Plesk, Inc., the market leader in automated Web hosting software, announced today an introductory promotion for it’s upcoming Plesk Server Administrator (PSA) version 5.0 Master, which is an advanced single-console interface that consolidates and automates the management of Linux and Unix servers and the hosting plans that run on them.
Before June 30, hosting professionals who purchase PSA 2.5, the undisputed leader in automated hosting platforms, will receive a free10-server key of PSA 5.0 Master, which will have a list price of $199. PSA 5.0 Master is scheduled for general availability in early September. With PSA 5.0 Master, any delegated administrator – hosting provider, reseller or domain owner – can manage virtually an unlimited number of hosting plan templates. PSA 5.0 Master will be the price/performance leader for bulk hosting environments that sustain the most demanding reseller channels.

“PSA 5.0 Master is a breakthrough in Web hosting,” said Rob Greenawalt, president and CEO of WebReseller.net. “The Master Level of administration makes this product simply amazing. With a single login I can manage an entire server farm to a single domain. This tool gives my resellers the power to freely resell my server space and never have to worry about training a support staff to manage their systems.”

“Many of our customers have several hundred Plesk servers installed, and PSA 5.0 Master gives them the ability to consolidate the management of those servers through one interface without the overkill of enterprise-level management software,” said George Pappas, president and CEO of Plesk. “PSA 5.0 Master is a non-disruptive way to significantly expand the functionality of PSA networks, and it continues to help our customers grow at their historically rapid pace.”

With PSA 5.0 Master, hosting providers enjoy features such as:

• Custom interface skin and new-button creation.
• Limitless custom plan creation.
• Multi-server management console.
• Multi-system monitoring.
• Server reseller hosting.

In addition to the 10-key version, PSA 5.0 Master will be available in a 25-server version priced at $399, and a 50-server version that will cost $599.

About Plesk, Inc.

Plesk, Inc. develops, markets and supports software that simplifies and automates the full range of server configuration and management tasks required for Web hosting. Using point-and-click user interfaces presented through standard Web browsers, Plesk Server Administrator enables non-technical customers and Web hosting companies to manage their own domains, and Web hosting companies and their service resellers to deliver better and faster customer support at lower cost. In less than two years, Plesk software has earned the enthusiastic praise and loyalty of hundreds of Web hosting companies and thousands of their customers. HostingTech Magazine in November 2001 wrote “In the load test, there was no discernable difference in performance during heavy CPU usage times. Speed and simplicity are why Plesk has perhaps the best selling of all the control panels.” For more information about Plesk, visit www.plesk.com or call (888) 209-8900.

“Plesk” and “Plesk Server Administrator” are trademarks of Plesk, Inc. All other product, service and company names are the trademarks or registered trademarks of their respective holders.

Tom Podnar writes: Microlite Corporation, inventors of and world leaders in bare metal disaster recovery technology for Linux, is making DVD the preferred media for protecting mid-sized Linux systems.

BackupEDGE SS?01.02.02 adds support for second-generation DVD+RW devices. This means that, in addition to supporting tape drives, changers and libraries, users may protect their systems by backing up to any of the following optical media: DVD-RAM, DVD-R, DVD+RW, DVD+R, CD-R and CD-RW.

“DVD devices provide exceptional capabilities for Linux users, especially in replicated sites.”, said Tom Podnar, President of Microlite. “They can replace both the CD-ROM drive AND the tape drive on large numbers of systems, providing lower integration costs, backups on inexpensive, long lasting media, instant access to archived files, and unprecedented speed and simplicity when disaster recovery is needed.”

Brief Features List

• Re-writable archives may be created on tape, DVD-RAM, DVD+RW and CD-RW media. DVD-RAM media is rated at 100,000 re-writes, while DVD+RW is rated at 1,000.
• Write once archives for permanent archives and system replication may be made on inexpensive DVD-R, DVD+R and CD-R media.
• No special device driver is needed for DVD devices. They are seen as a CD-ROM by the operating system. BackupEDGE SS does the rest.
• Disaster Recovery (DR) media may be created on floppy, CD or DVD media.
• The above features may be combined to create bootable backups on CD and DVD media.
• DR media (and bootable backups) contain full network stacks. Users may restore from remote devices. Additionally, administrators may telnet or modem directly into the booted DR media to perform a remote recovery from any where in the world.
• The RecoverEDGE DR system is constantly updated to keep up with the changes in Linux. This release fully understands how to re-create systems on the latest releases, such as Red Hat 7.3, Suse 8.0 and Mandrake 8.2. It does extensive system detection and understands the intricacies of the LILO and GRUB bootloaders, as well as ext2, ext3, Reiser, JFS and XFS filesystems and how to re-create them.
• Instant File RestoreTM provides the fastest possible restoration of files and directories. Typical access time to any file on an indexed CD or DVD archive is under one second.

More information on the tape, changer, optical media and additional operating systems supported by BackupEDGE SS can be found at the Microlite Corporation web site.

Availability

BackupEDGE SS 01.02.02 is now available worldwide from UNIX and Linux resellers and value added distributors. Prices start at $90.00(US) for personal or non-commercial use and $300.00(US) for commercial licenses. Fully functional evaluation copies are now available from the Microlite Corporation web site.

About Microlite Corporation

Microlite Corporation has been serving the Unix community since 1983, and has been producing high-quality backup and crash recovery software since 1987. For more information, visit www.microlite.com or contact Microlite Sales at 724-375-6711 or 888-257-3343, or by mailing to sales@microlite.com.