Here is an interesting article written by Christian Seifert, from The New Zealand Honeynet Alliance, that takes an inside look at SSH brute force attacks. This should be a nice lecture for everyone that doesn’t have the time and resources to setup a honeypot and investigate real attacks (most of us are just concerned on how to block them and that’s all). After reading such reports we can all understand better the attacks that we are facing in the wild wild internet.

“Malicious SSH login attempts have been appearing in some administrators’ logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one’s system against these attacks.”

Complete Story

This week the Debian project has announced that the next stable release will be available in December 2006 and will be named Debian GNU/Linux 4.0 alias ‘etch‘. This is great news for the Debian fans that are using the stable release, meaning they will not have to wait 3 years as they did for Sarge to see a new Debian stable release. As Sarge is now one year old (released on 6th of June, 2005) this means that after one year and 6 months we will have a new stable Debian release… This is possible probably because there will not be major changes as in Sarge (where we had the migration from kernel 2.4 to 2.6), and you can see the major changes as presented in the official announce:

“July 24th, 2006

The Debian project confirms December 2006 as the date for the next release of its distribution which will be named Debian GNU/Linux 4.0 alias ‘etch’. This will be the first official release to include the AMD64 architecture. The distribution will be released synchronously for 11 architectures in total.

At this stage, the upcoming release will ship with Linux 2.6.17 as its default kernel. This kernel will be used across all architectures and on the installer. A later version may be selected during a review in October.

New features of this release include the GNU Compiler Collection 4.1 as default compiler. X.Org will replace XFree86 as implementation of the X Window System X11. Secure APT will add extra security by easily supporting strong cryptography and digital signatures to validate downloaded packages.”

Source: http://www.debian.org/News/2006/20060724

Here is an interesting article about the Linux scheduler written by M. Tim Jones:

“The Linux® kernel continues to evolve, incorporating new technologies and gaining in reliability, scalability, and performance. One of the most important features of the 2.6 kernel is a scheduler implemented by Ingo Molnar. This scheduler is dynamic, supports load-balancing, and operates in constant time — O(1). This article explores these attributes of the Linux 2.6 scheduler, and more.”

Complete Story

Debian Developer Martin Krafft outlines the current challenges that the two distributions face when it comes to better co-operation between the respective projects:

“Ubuntu caused a lot of friction with and for Debian. In discussions with its founder, Mark Shuttleworth, and other Ubuntu developers during (and before) Debconf6, I was able to spell out the main criticisms from the Debian perspectives of the way Canonical/Ubuntu is handling things (without a claim to completeness). These criticisms mainly stem from discussions with fellow developers over the past 18 months, and I largely support all of them. I am publicising them here to help make the status quo more transparent…”

Complete Story

“Gerald Combs, founder of the Ethereal project–billed as the world’s most popular network protocol analyzer–caused a flurry of excitement among users and developers Wednesday when he announced on the Ethereal developers mailing list that he was changing jobs, moving to a new location, and taking the project and its core developers with him as he leaves.

“His initial announcement to the list provided some explanation…”

Complete Story

Have you ever wondered what really happens when you push the “ON” button on your computer and wait until you have to log into your operating system? Yes? Of course, yes. Well, here comes the answer.. check the article!

read more | digg story