The life expectancy of an unpatched Linux system in the wild has grown from 3 days to 3 months according to a new paper from The Honeynet Project. The time is getting better despite the increase in online attacks, the study noted. Also, the researchers noted that Win32 systems are getting worse, with the life expectancy of an unpatched system is in the several hours range.
IBM has put out a great guide for companies wanting to migrate to Linux as a desktop alternative. Topics covered include making a case for the migration, planning and executing the migration, and specific integration points when converting from a Windows environment.
Table of Contents
Part 1 Choosing Linux
Chapter 1. Introduction
Chapter 2. The case for migration
Part 2 Planning the pilot migration
Chapter 3. Organizational and human factors planning
Chapter 4. Technical planning
Part 3 Performing the pilot migration
Chapter 5. Migration best practices
Chapter 6. Client migration scenario
Chapter 7. Integration how-tos
Part 4 Appendixes
Appendix A. Using enterprise management tools
Appendix B. Application porting
Appendix C. Desktop automation and scripting
Appendix D. Client personalization
There have been a lot of posts recently on the XmlHTTPRequest object since Google released their Google Suggest application in the Google labs. Here are a few links describing this method that I thought I would throw together:
If you have more, feel free to post a comment.
Thawte SuperCerts are certificates that allow client browsers to negotiate a 128-bit SSL session with a server over HTTPS that will downgrade if your browser only supports 40-bit encryption. However, this year when we renewed our certificates at work, we were getting a series of errors because they changed the root Thawte CA certificate for the supercerts. Now they require an intermediate CA certificate on the web server. Details to do this on Apache/mod_ssl is here: Thawte KB vs29541
However, there is a problem with this when using the javax.net.SSL class to initiate the connection. Java will say the certificate is expired because it can’t chain the root Thawte CA and Thawte SGC CA certificates together. Here is how to install the Thawte SGC CA certificate on the Java application server to make this work:
Steps in IE 6.0 on Windows 2000 to get the cert:
1. Connect to https://my.domain.com
2. Go to Tools > Internet Options > Content > Certificates > Intermediate Certification Authorities
3. Choose “Thawte SGC CA”
4. Click “Export …”, then “Next>”
5. Select “DER encoded binary X.509 (.CER)”
6. Name the file thawtesgcca.cer
7. Select “Finish”
Now, import the certificate into the keystore in Java on the application server :
1. cd JAVA_HOME/jre/lib/security
2. keytool -keystore cacerts -storepass changeit -import -alias thawtesgc -file thawtesgcca.cer -trustcacerts
Very irritating. As far as I know, this is only needed for the Supercerts and not the regular 128-bit web server certificates.
At work we are looking at different content management systems to replace 40 users who generate content using FrontPage (gag).
I still would like to see Macromedia Contribute be web-based, instead of a client install — not Spectra, but something like FarCry, which looks really good also.
Anyone have suggestions for good content management solutions in a mixed static pages / custom ColdFusion applications environment? We have around 40 users who we would like to be able to create, edit, and publish their own sections of the website. Contribute and FarCry are the 2 I am looking at right now. Any others? We run ColdFusion on Windows 2000 server with Access/Oracle databases.
I was looking at this article about Contribute publishing system with ColdFusion, allowing users to maintain static content while you write ColdFusion applications, and thought that might be a good solution.