This is a pretty cool page: "Password Recovery Speeds: How long will your password stand up". Given a password consisting only of numbers, and between 2 and 9 characters, how long would it take a Pentium 100 to crack it using brute force? What if you used a faster PC? What about a supercomputer? OK, now what if your password added letters? And now symbols? And so on. It's a fascinating series of tables, and it may help you to convince folks that they really really really need to change their crappy passwords to something a bit tougher. (Check out all of our posts on security & passwords.) ...

Tip #1: "sudo means superuser do. sudo will prompt for Password:. Please specify your user password" (found at Unofficial Ubuntu 5.04 Starter Guide, which is excellent). In other words, if Ubuntu or Kubuntu asks for the root password, enter your user password first. That should work most of the time. Tip #2: "If you are tired of typing sudo all the time, switch to root user by issuing sudo -s -H followed by your user password" (found at Unofficial Ubuntu 5.04 Starter Guide, which is excellent). Tip #3: If you try to login as Administrator to the KDE Control Center, you will find that it doesn't work. Here's a workaround: first enter kcmshell --list, then, when you find the module you wish to edit, enter sudo kcmshell moduleyouwanttochange. This is SUPER annoying, and I really hope they fix it in Kubuntu. Tip #4: If you need a root user, enter the following: sudo passwd root. Enter a root password, and you've now got a root user. To disable the root user, use the following: sudo passwd ...

Two of the major computer mags - Computerworld & eWeek - have reviews of Novell Linux Desktop available, and if you or your company is thinking of investigating NLD, then you owe it to yourself to grab these & read 'em. Novell Linux Desktop heads to the office, in Computerworld, is a very short look at the distro that focuses around NLD as a replacement for Windows on the desktop. Finding "only a few minor hiccups", Computerworld eventually decides that yes, NLD can replace Windows … pretty much. As they put it, "Handling routine office chores using Open Office for word processing, Evolution for e-mail and Firefox for Web browsing works great. However, connecting to Windows networks still needs some work to become seamless". Read the piece to see what those issues were. In particular, Computerworld highlights a so-called "feature" that bugged the hell out of me with prior versions of SUSE: "the default for user passwords to Data Encryption Standard encryption, which only ...

If you don't use SSH or SFTP, and instead use telnet or FTP, you're asking for it. Big time. FTP & telnet send everything - passwords included - in the clear. Not safe at all. But, even if you use SSH (& it's descendants, SFTP & SCP), there's always more to learn. SSH offers an incredible amount of cool tricks that enable you to do an amazing amount of stuff. If you want to learn more, check out Brian Hatch's series of articles on SSH at SecurityFocus. They're well-written, & Brian definitely knows his stuff. Read 'em, learn 'em, live 'em. SSH Host Key Protection SSH User identities SSH and ssh-agent ...

There's a lot of great info out on the web & in bookstores about securing your Linux box, but here's a great resource you should definitely take a look at: Werner Puschitz's Securing Linux Production Systems: A Practical Guide to Basic Security in Linux Production Environments. Written for a technical audience (so if you're an absolute noob, you'd better look elsewhere), this lengthy (over 40 printed pages) guide is designed to provide "basic Linux security requirements for production systems that are being audited". Topics covered include passwords, system services, permissions, ssh, & more. You probably already know a lot of the stuff in here, but you'll undoubtedly find some new info as well, so give it a look. (Check out all of our posts on security.) ...

For such a simple tool, xpdf contains a major annoyance: by default, the table of contents frame doesn't display. To show it, you have to grab the small little box in the bottom right of the window & then drag it to the right, exposing the TOC frame. Oh, so that's where it is! PS: And while we're on the subject of PDFs & xpdf, let's not forget the excellent pdftotext command that comes with xpdf. To use it, just run pdftotext file.pdf, & soon you'll have file.txt as well, full of good ol' ASCII openness! PPS: Here's another cool PDF tool that ought to be in your arsenal: pdftk. To get it, just use apt-get install pdftk if you're lucky enough to be using Debian; otherwise, use Google or your favorite software repository. What's it do? Here's the description from the man page: If PDF is electronic paper, then pdftk is an electronic staple-remover, hole-punch, binder, secret-decoder-ring, and X-Ray-glasses. Pdftk is a simple tool for doing everyday things with PDF documents. ...

10:03 AM: The real title: "Michal's favorite network management tools". "This presenation will be completely, 100% Biased" 10:04: topics: SNMP MRTG Netflow Network Management 101 Bosses… ...and how to overcome the urge to hit them ...with a tomohawk 10:07 SNMP v1/v2 (net-snmp.org) Uses "community" (password, no username) authentication; no fine-grained access control Client-server model Traps: essentially remote syslog Extensible with scripts Runs on any UNIX-like OS (net-snmp) Windows SNMP buitl in, but see KB 146004 for "we mighnt not be right, but we're fast" details All major vendors offer extensions to MS SNMP E.g. Dell has 11.000 variables available The bad news: it's vendor-dependant ...

The Weblogs, Inc. network features over 100 independent, unfiltered bloggers producing over 1,000 blog posts a week across over 75 industry-leading blogs. Each week we ask our bloggers to choose their top posts, which we bring to you in one easy-to-read weekly post. You'll find links to the hottest posts from the past week after the jump including the Die Hard 4 foreshadow, and iPod cemetery, and a special request for a Macromedia donation. Enjoy the full listing after the jump. ...

Mail from Theo to the list this morning: From: Theo de Raadt To: announce@cvs.openbsd.org Date: Nov 1, 2005 1:30 AM Subject: OpenBSD 3.8 released November 1, 2005 Go and get it!  (Please remember to check the primary mirrors please — thanks) OpenBSD 3.8 RELEASED Nov 1, 2005. We are pleased to announce the official release of OpenBSD 3.8. This is our 18th release on CD-ROM (and 19th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.8 provides significant improvements, including new features, in nearly all areas of the system: ...