FOSS

Introduction SELinux is an implementation of MAC (Mandatory Access Controls) over LSM (Linux Security Modules) in Linux Kernel. SELinux, originally developed by N.S.A. (National Security Agency) allows applications to be confined by the kernel. Inside that “confined area”, much more grained than a standard chroot (system where basic executables are copied to another folder in order to have a small subsystem isolated from real system. The drawback is that a small subsystem could have enough utilities to reveal private information from our internal network),in which we can allow only certain operations, for example: adding information to a file, read from a directory but not writing, even just for one file in a standard directory, etc… ...

Introduction JigDo (JIGsaw DOwnload) is a small utility that can assemble a CD/DVD image from it’s internal files. For example, Debian has been using it for years for distributing the entire distribution: you downloaded a .jigdo file, and then, using the utility jigdo-lite (package jigdo-file on Debian like and RPM based1. This way, you only downloaded small files from servers, preventing line failures, spreading load between several servers, etc. Furthermore, if you already had some files (for example if you started at version X and have been downloading and keeping all files until X.Y, jigdo, can use those updated files to compare them against the .jigdo file and avoid downloading duplicated files… ...

Introduction I’m working for a “very concerned about security” firm, that makes mandatory using VPN for accessing their network, and internal services: IMAPS SMTP Intranet Forums Online training, etc As it should, we provided services for a client, also very concerned about security, thus not allowing internet access despite of using two squid proxies with a network appliance filtering protocols, scripts, viruses and malware. They only allow FTP, HTTP and HTTPS. ...

Prior to using the following info for creating own-made packages, let’s test if everything is working fine. I’ve created a NSIS script that writes into registry in a key called HKLMSOFTWAREOCS and puts a key named “cert” with value creilla. If we create a package with action “LAUNCH”, and attach the regcert.zip with command to execute regcert.exe, all clients with functional package deployment, will add that key to registry, so we can check, using OCS registry query function for a key named “cert” into: HKLM SOFTWAREOCS. ...

Introduction OCS Inventory is an excellent piece of GPL Software for getting info from hardware components, and software installed on computers running Windows or UNIX-like operating systems (there are also some unofficial clients for running on other platforms). Since New Generation (OCS-NG), a new architecture was implemented: server were contacted using standard TCP/IP connection (Previous versions, used an MDB file to store information, and required a SMB share to inventory computers ), allowing remote computers to connect as well as providing a new web interface for computer administration, and inventory query. ...