Skip to main content

Home/ Future of the Web/ Group items tagged sysadmin

Rss Feed Group items tagged

Gonzalo San Gil, PhD.

Linux Foundation SysAdmin Resources - Linux Foundation Training - 0 views

  •  
    "Resources to Start Your SysAdmin Career"
Paul Merrell

He Was a Hacker for the NSA and He Was Willing to Talk. I Was Willing to Listen. - 2 views

  • he message arrived at night and consisted of three words: “Good evening sir!” The sender was a hacker who had written a series of provocative memos at the National Security Agency. His secret memos had explained — with an earthy use of slang and emojis that was unusual for an operative of the largest eavesdropping organization in the world — how the NSA breaks into the digital accounts of people who manage computer networks, and how it tries to unmask people who use Tor to browse the web anonymously. Outlining some of the NSA’s most sensitive activities, the memos were leaked by Edward Snowden, and I had written about a few of them for The Intercept. There is no Miss Manners for exchanging pleasantries with a man the government has trained to be the digital equivalent of a Navy SEAL. Though I had initiated the contact, I was wary of how he might respond. The hacker had publicly expressed a visceral dislike for Snowden and had accused The Intercept of jeopardizing lives by publishing classified information. One of his memos outlined the ways the NSA reroutes (or “shapes”) the internet traffic of entire countries, and another memo was titled “I Hunt Sysadmins.” I felt sure he could hack anyone’s computer, including mine. Good evening sir!
  • The sender was a hacker who had written a series of provocative memos at the National Security Agency. His secret memos had explained — with an earthy use of slang and emojis that was unusual for an operative of the largest eavesdropping organization in the world — how the NSA breaks into the digital accounts of people who manage computer networks, and how it tries to unmask people who use Tor to browse the web anonymously. Outlining some of the NSA’s most sensitive activities, the memos were leaked by Edward Snowden, and I had written about a few of them for The Intercept. There is no Miss Manners for exchanging pleasantries with a man the government has trained to be the digital equivalent of a Navy SEAL. Though I had initiated the contact, I was wary of how he might respond. The hacker had publicly expressed a visceral dislike for Snowden and had accused The Intercept of jeopardizing lives by publishing classified information. One of his memos outlined the ways the NSA reroutes (or “shapes”) the internet traffic of entire countries, and another memo was titled “I Hunt Sysadmins.” I felt sure he could hack anyone’s computer, including mine.
  • I got lucky with the hacker, because he recently left the agency for the cybersecurity industry; it would be his choice to talk, not the NSA’s. Fortunately, speaking out is his second nature.
  • ...7 more annotations...
  • He agreed to a video chat that turned into a three-hour discussion sprawling from the ethics of surveillance to the downsides of home improvements and the difficulty of securing your laptop.
  • In recent years, two developments have helped make hacking for the government a lot more attractive than hacking for yourself. First, the Department of Justice has cracked down on freelance hacking, whether it be altruistic or malignant. If the DOJ doesn’t like the way you hack, you are going to jail. Meanwhile, hackers have been warmly invited to deploy their transgressive impulses in service to the homeland, because the NSA and other federal agencies have turned themselves into licensed hives of breaking into other people’s computers. For many, it’s a techno sandbox of irresistible delights, according to Gabriella Coleman, a professor at McGill University who studies hackers. “The NSA is a very exciting place for hackers because you have unlimited resources, you have some of the best talent in the world, whether it’s cryptographers or mathematicians or hackers,” she said. “It is just too intellectually exciting not to go there.”
  • The Lamb’s memos on cool ways to hunt sysadmins triggered a strong reaction when I wrote about them in 2014 with my colleague Ryan Gallagher. The memos explained how the NSA tracks down the email and Facebook accounts of systems administrators who oversee computer networks. After plundering their accounts, the NSA can impersonate the admins to get into their computer networks and pilfer the data flowing through them. As the Lamb wrote, “sys admins generally are not my end target. My end target is the extremist/terrorist or government official that happens to be using the network … who better to target than the person that already has the ‘keys to the kingdom’?” Another of his NSA memos, “Network Shaping 101,” used Yemen as a theoretical case study for secretly redirecting the entirety of a country’s internet traffic to NSA servers.
  • “If I turn the tables on you,” I asked the Lamb, “and say, OK, you’re a target for all kinds of people for all kinds of reasons. How do you feel about being a target and that kind of justification being used to justify getting all of your credentials and the keys to your kingdom?” The Lamb smiled. “There is no real safe, sacred ground on the internet,” he replied. “Whatever you do on the internet is an attack surface of some sort and is just something that you live with. Any time that I do something on the internet, yeah, that is on the back of my mind. Anyone from a script kiddie to some random hacker to some other foreign intelligence service, each with their different capabilities — what could they be doing to me?”
  • “You know, the situation is what it is,” he said. “There are protocols that were designed years ago before anybody had any care about security, because when they were developed, nobody was foreseeing that they would be taken advantage of. … A lot of people on the internet seem to approach the problem [with the attitude of] ‘I’m just going to walk naked outside of my house and hope that nobody looks at me.’ From a security perspective, is that a good way to go about thinking? No, horrible … There are good ways to be more secure on the internet. But do most people use Tor? No. Do most people use Signal? No. Do most people use insecure things that most people can hack? Yes. Is that a bash against the intelligence community that people use stuff that’s easily exploitable? That’s a hard argument for me to make.”
  • I mentioned that lots of people, including Snowden, are now working on the problem of how to make the internet more secure, yet he seemed to do the opposite at the NSA by trying to find ways to track and identify people who use Tor and other anonymizers. Would he consider working on the other side of things? He wouldn’t rule it out, he said, but dismally suggested the game was over as far as having a liberating and safe internet, because our laptops and smartphones will betray us no matter what we do with them. “There’s the old adage that the only secure computer is one that is turned off, buried in a box ten feet underground, and never turned on,” he said. “From a user perspective, someone trying to find holes by day and then just live on the internet by night, there’s the expectation [that] if somebody wants to have access to your computer bad enough, they’re going to get it. Whether that’s an intelligence agency or a cybercrimes syndicate, whoever that is, it’s probably going to happen.”
  • There are precautions one can take, and I did that with the Lamb. When we had our video chat, I used a computer that had been wiped clean of everything except its operating system and essential applications. Afterward, it was wiped clean again. My concern was that the Lamb might use the session to obtain data from or about the computer I was using; there are a lot of things he might have tried, if he was in a scheming mood. At the end of our three hours together, I mentioned to him that I had taken these precautions—and he approved. “That’s fair,” he said. “I’m glad you have that appreciation. … From a perspective of a journalist who has access to classified information, it would be remiss to think you’re not a target of foreign intelligence services.” He was telling me the U.S. government should be the least of my worries. He was trying to help me. Documents published with this article: Tracking Targets Through Proxies & Anonymizers Network Shaping 101 Shaping Diagram I Hunt Sys Admins (first published in 2014)
Gonzalo San Gil, PhD.

Linux Foundation Security Checklist: Have It Your Way | Community | LinuxInsider - 0 views

  •  
    "Sysadmins should use the LF security checklist as a resource, said its creator, Konstantin Ryabitsev. "They can evaluate it, adapt it, hack on it until it fits their purpose, and hopefully contribute back...
Gary Edwards

ongoing · What's "Cloud Interop"? - 0 views

  •  
    The question that seems more important than all the rest is "Can I afford to switch vendors?" Let's consider some examples. When printers wear out, you can buy new printers from whoever with little concern for switching cost. If you're unhappy with your current servers, you can replace them with models from lots of vendors (Sun, Dell, HP, IBM, others) without worrying too much about compatibility (well, you may have some racking and cabling pain); the issues are price, performance, and support. If you're grouchy about your OS, you can move between *n*x flavors like Debian, SUSE, and Solaris pretty freely in most (granted, not all) cases; with maybe some deployment and sysadmin pain. If you're unhappy with your desktop environment, well too bad, you're stuck. Your users are too deeply bought into some combination of Outlook calendaring and Excel macros and Sharepoint collab. The price of rebuilding the whole environment is simply too high for most businesses to consider. If you're unhappy with your Oracle licensing charges, you probably have to suck it up and deal with it. SQL is a good technology but a lousy standard, offering near-zero interoperability; the cost of re-tooling your apps so they'll run on someone else's database is probably unthinkable. Like they say, you date your systems vendor but you marry Larry Ellison.
Gonzalo San Gil, PhD.

Server Hardening | Linux Journal - 0 views

  •  
    "Jan 14, 2016 By Greg Bledsoe in HOW-TOs Security Servers SysAdmin Server hardening. The very words conjure up images of tempering soft steel into an unbreakable blade, or taking soft clay and firing it in a kiln, producing a hardened vessel that will last many years. Indeed, server hardening is very much like that"
Gonzalo San Gil, PhD.

GitHub - mimoo/FirefoxTimeTracker: a time tracker to avoid slacking (firefox plugin) - 0 views

  •  
    "a time tracker to avoid slacking (firefox plugin)"
Gonzalo San Gil, PhD.

[# ! #Open #Tech:] How to Recover a Deleted File in Linux - 1 views

  •  
    "Did this ever happen to you? You realized that you had mistakenly deleted a file - either through the Del key, or using rm in the command line."
Gonzalo San Gil, PhD.

20 Command Line Tools to Monitor Linux Performance - 1 views

  •  
    "It's really very tough job for every System or Network administrator to monitor and debug Linux System Performance problems every day. "
Gonzalo San Gil, PhD.

CentOS / Redhat Iptables Firewall Configuration Tutorial - 0 views

  •  
    "How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux? Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the program called iptables. Netfilter filtering take place at the kernel level, before a program can even process the data from the network pack"
  •  
    "How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux? Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the program called iptables. Netfilter filtering take place at the kernel level, before a program can even process the data from the network pack"
Gonzalo San Gil, PhD.

The Top 20 Free Network Monitoring and Analysis Tools for Sys Admins - 0 views

  •  
    "We know how administrators love free tools that make their life easier. Here are 20 of the best free tools for monitoring devices, services, ports or protocols and analyzing traffic on your network. Even if you may have heard of some of these tools before, we're sure you'll find a gem or two amongst this list - and if you know of any others, leave us a comment below!"
1 - 10 of 10
Showing 20 items per page