Domain: webtechniques.com
Stories and comments across the archive that link to webtechniques.com.
Stories · 10
-
HP-LX 1.0 Secure Linux
kengreenebaum writes: "Webtechniques has a short but interesting article on HP's approach to a secure but expensive LINUX distro. Basically they started with RedHat 7.1 and added compartments; an extension to the age-old chroot jail concept where the processes representing major services run. Kernel extensions allow HP (or the administrator) to specify which compartments can access which kernel resources including individual files, network stacks, and each other. HP has Technical Product Brief as well as other material online. Interesting to compare HP's approach to that of the NSA's Secure Linux projects. These concepts sound like a solid way to prevent buffer overflow type security holes in individual services from compromising the entire machine. At $3000 HP-LX is too expensive for many to experiment with but the NSA's code seems to be more readily available. Anybody have experience with these distributions or with similar approaches to Linux security?" -
HP-LX 1.0 Secure Linux
kengreenebaum writes: "Webtechniques has a short but interesting article on HP's approach to a secure but expensive LINUX distro. Basically they started with RedHat 7.1 and added compartments; an extension to the age-old chroot jail concept where the processes representing major services run. Kernel extensions allow HP (or the administrator) to specify which compartments can access which kernel resources including individual files, network stacks, and each other. HP has Technical Product Brief as well as other material online. Interesting to compare HP's approach to that of the NSA's Secure Linux projects. These concepts sound like a solid way to prevent buffer overflow type security holes in individual services from compromising the entire machine. At $3000 HP-LX is too expensive for many to experiment with but the NSA's code seems to be more readily available. Anybody have experience with these distributions or with similar approaches to Linux security?" -
Specs of Salons Subscription System
legLess writes "Scott Rosenburg, Salon's VP of operations, wrote an interesting article for Web Techniques about Salon's subscription system. It goes into a fair amount of technical detail (JavaBeans and JSP on Linux for login and authentication; Perl, HTML::Mason and MySQL (CD: and oracle) for content). He also talks about their subscription numbers, what drove them to do it, and their plans for the future (technical and operational). A little fluffy, but still a good read." -
Specs of Salons Subscription System
legLess writes "Scott Rosenburg, Salon's VP of operations, wrote an interesting article for Web Techniques about Salon's subscription system. It goes into a fair amount of technical detail (JavaBeans and JSP on Linux for login and authentication; Perl, HTML::Mason and MySQL (CD: and oracle) for content). He also talks about their subscription numbers, what drove them to do it, and their plans for the future (technical and operational). A little fluffy, but still a good read." -
Paperweight or Computer? You Decide!
Swaza1 writes: "While looking for something else I came across this embedded system at Web Techniques, which looks a lot like a paperweight I have on my desk. Good golly ... Intrinsyc included 10BaseT, serial, and USB ports on it and it comes in Windows CE or LINUX flavors. When can I get a system in the shape of Snoopy-sleeping-on-his-doghouse desk lamp for my kid?" -
How to Build a Fad Website: AmIHotOrNot
webword writes: "Web Techniques is running an interesting article written by James Hong, one of the masterminds behind AmIHotOrNot.com (now known as HOT or NOT?). Before you decide to skip over this, consider that Hong and company used Apache, PHP and MySQL to build their site. They found that these open source tools ran much better on a 700-MHz Pentium III than a quad processor Sun E220. Hong also covers their moderation system, advertising arrangements, and how they were able to scale to handle 1.8 million page views per day after being in operation for a mere 8 days." -
Open Source Licensing Issues
msuzio writes "Web Techniques has a good editorial column this month on Open Source licensing issues. They focus on the difficulties in resolving both a single license (GPL, BSD, Apache), but also the deeper tangle of how to handle multiple licenses mixed into one project (a piece from GNU, a piece from Apache, etc). I think this issue will continue to dog efforts to bring together multiple open-source components, both in open-source and commercial projects using open-source." -
Open Source Licensing Issues
msuzio writes "Web Techniques has a good editorial column this month on Open Source licensing issues. They focus on the difficulties in resolving both a single license (GPL, BSD, Apache), but also the deeper tangle of how to handle multiple licenses mixed into one project (a piece from GNU, a piece from Apache, etc). I think this issue will continue to dog efforts to bring together multiple open-source components, both in open-source and commercial projects using open-source." -
Very Non-Biased FreeBSD Review
Anonymous Coward writes "From daily.daemonnews.org we have a link to a very very good article that describes almost exactly why many people (including myself) use FreeBSD." The author makes some good points, including good uses for file attributes and secure levels. An argument for BSD for several specific uses, and Linux for others. -
Reverse-secure proxy for Linux / Apache?
the gaijin writes "I'm looking for an alternative to Netscape Proxy Server, ideally using Linux and an Apache SSL variant. Our architecture follows the "reverse secure proxy model": A proxy server (Solaris + Netscape, 2 machines in round robin) handles HTTPS requests from a browser client. The proxy decodes the request and passes it as an HTTP request to one of the many application servers. The application server returns an HTTP response to the proxy, which then encodes the response and returns HTTPS to the browser client. (Application servers are actually grouped into farms defined by a Radware loadbalancing appliance; the proxy talks to the farms-- but the proxy is unaware of this). Has anyone implemented a model like this using the Apache proxying facilities, using one of the SSL variants? Is it possible? " jimjag writes: There's an article in Web Techniques that shows how to use mod_proxy and mod_rewrite to implement one layer of the above: the reverse proxying part.