Enterprise Unix Roundup: Sun's Line in the Sand Page 2

By Michael Hall (Send Email)
Posted May 5, 2005


Main     In Other News     Recent Updates     Tips of the Trade

In Other News

» Apple's OS X 10.4, Tiger, arrived last Friday. There are quite a few reviews floating around on the Web, but none as thorough or satisfying for the average Unix nerd as the 21-page opus at Ars Technica. If you don't care at all about Tiger, maybe a list of Tiger cliche headlines from last week will be more your speed.

Regarding Apple's latest, a little circumspection for enterprise users is probably in order. Reports are filtering in that modifications to the kernel have broken several VPN clients and other networking-dependent applications, including Microsoft's VirtualPC. Several of these outfits say it may take a few months to update their software.

» HP reports it has held the line with Intrado, the company driving the 911 emergency service in the United States. Intrado agreed to upgrade to HP's Itanium/HP-UX-based Integrity line as it revamps its service to include features, such as the ability to upload camera phone pictures to emergency workers from the scene of a call. Intrado currently uses HP's NonStop and HP 9000 servers.

» SUSE's two-year-old partnership with Veritas was preserved, with Veritas and Novell expanding their development and certification partnership. Evidently, the $50 million IBM lavished on Novell when it purchased SUSE didn't include any serious attempts to undermine its key storage rival.

» The first-quarter 2005 update to the SANS Top 20 Internet Security Vulnerabilities report came down hard on Microsoft this time around, and had nothing to say about any Unix variant in particular. Cue much backslapping and shouts of "Unix is the securest!" At the same time, we noticed the update did mention offerings from Symantec, F-Secure, TrendMicro, and McAfee, as well as Computer Associates. The common denominator with all of those mentions was the nature of the vulnerabilities they suffered from: Flaws in application libraries affected every single platform they operate on, Unix and Windows alike.

Recent Updates

  • Apple released a large set of patches for OS X 10.3.9. Security Update 005-005 includes updates for Apache, Directory Services, LDAP, Server Admin, VPN, and sudo — and that's just a smattering of the items of interest to admins.

  • Sambar Web server was updated to version 6.2 beta 5. The changelog lists several bugfixes.

  • The Squid caching proxy suffers from request smuggling and response splitting vulnerabilities. Both classes of vulnerabilities could facilitate cache poisoning attacks.

    Both vulnerabilities are addressed in version 2.5 Stable8 of the software, which has been out for some time. Alternately, users can add the lines client_persistent_connections off and server_persistent_connections off to their squid.conf files.

    Patches for other recently discovered flaws in Squid are in from Mandriva, TurboLinux, and Conectiva.

Tips of the Trade

System administrators deserve elaborate command centers. We should all sit in large, high-backed swivel chairs looking at banks of monitors and rows of blinking lights, all powered from a single keyboard.

An excellent utility to make this dream a reality is Synergy. Synergy lets you control multiple computers running different operating systems from a single keyboard and mouse. Each computer needs its own monitor, and all monitors are merged into a single virtual screen. To switch to a different computer, simply move the mouse off the edge of the screen, and the cursor magically appears on the next one. The keyboard follows the mouse.

Synergy lets you copy-and-paste across the different systems. It is also smart enough to convert new lines appropriately for the operating system. Screensavers are synchronized, a handy feature for when screen locking is enabled and you want a single password to unlock all screens.

Synergy also works on multiple screens attached to the same computer. It runs on Linux, Unix, Windows, and Mac OS X, but screensaver synchronization is not yet supported in OS X.

Synergy's one negative is its lack of built-in security. Users who want authentication and encryption will need to run Synergy over SSH.

For downloads and documentation, see the Synergy home page.

Carla Schroder writes the Tips of the Trade section of Enterprise Unix Roundup. She also appears on Enterprise Networking Planet and Linux Planet, covering Linux from the desktop to the server room, and is the author of the Linux Cookbook.

>> To Main

Page 2 of 2


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.