Jejak Langkah Seorang Pelamun
IT
Community Linux on the rise?
Sep 1st
PCWorld released a recap of a recent study showing a stronger ground community-based linux distributions gains in the enterprise market. Quoted from the study :
“Community distributions such as CentOS, Debian, and Gentoo are gaining enterprise respect for quality code, stability, response, and of course, for being “free as in beer” and “free as in freedom”. These community distributions are becoming a more significant market factor with growing enterprise acceptance and use of them”
Apparently more enterprises, especially in Europre, are willing to take chances running community-based distro (as opposed to commercial distro like RHEL or SuSE) using their internally capable resource for system administration, support, as well as application migration, although sometimes they still seek assistance from third-party consultant, which turns out to be cheaper than paying support from commercial-based distro.
Is this the end of commercial-based distro? Well it may be is too early to say so, but commercial distro should start reviewing their business model.
2008 Data Breach Investigation Report
Aug 26th
Verizon Business Security Services (formerly Cybertrust) recently released 2008 Data Breach Investigation Report. This report is based on 500 forensic cases handled by Verizon from 2004-2007, which then analyzed, compiled, and published as an overview on how the data breach was actually occured.
Some interesting findings from the report are as follows :
- 87% of the security breaches could have been avoided with basic security measures
- Two-thirds of the cases involved data that the organization did not know was present on the system
- 39% of the breaches involves business partners
Verizon Business has released a white paper about the report here.
Now, what is interesting about the report is the fact that, while information security as a discipline has gone a long way, the real world doesn’t seems to move forward. I mean, attack methodologies has evolved a long way from simple buffer overflow on a code to the latest DNS insecurity flaw, from platform to applications, from macro viruses to phishing, but the real deal is still the same, which is basic security measures has not been applied. Most of the attacks still involve known vulnerabilites that has been published and patches has been provided for months, but still, it’s exploited, and breach occured. How does that happen?
Apparently with all the new technologies the industry provided, there hasn’t been a significant change the way people approaches security. People are still chasing the ghost, spending millions and millions of money on information security year by year, and the bad guys still manages to come in from the same doors. So what, are we doing things wrong?
Maybe we’re not doing things wrong, we’re just putting our efforts at a wrong place. Maybe we’re so busy chasing the new buzz every day, worrying about new methods, new vulnerabilities, new security products, that we forget to do the basics, default deny, least privileges, and essential services.
And if we look back, aren’t all those security hype actually just that? Default deny? Least Privileges? Essential Services?
Email Archiving dengan MailArchiva
Aug 13th
Beberapa waktu lalu bos saya nanya-nanya tentang arsip e-mail beberapa bulan lalu. Cek mail server, tak ada arsip, bo. Lantas beliau minta saya setup arsip mail server di kantor. Secara mail server di kantor pakai ubuntu, solusinya adalah mail-archive gratisan. sebenarnya (mungkin) bisa simpan seluruh email yang masuk dan keluar dengan postfix, mail-server yang saya pakai, tapi karena lagi pengen utak-atik, saya cari solusi tersendiri. Browsing sana sini, sampailah saya ke mailarchiva. Ada dua versi, enterprise edition dan open-source edition. Karena saya tak mau bayar, ya pakai yang gratisan saja. Saya pun download mailarchiva open-source edition.
Firefox surpasses 50% market share in Indonesia
Jul 23rd
A blog entry in Mozilla website reports that Firefox, leading open-source browser had surpassed the 50% market share in Indonesia’s growing internet users. The research was conducted by Net Applications. No quote from the research website though, since you have to pay to view it :p. But the blog entry from Mozilla can be found here
Interesting, huh? Go Firefox
Universal PDF Printing on Sun Secure Global Desktop
Jul 21st
For those of you who are not familiar with SSGD, SSGD is an application-publishing software, enables the users from any platforms of desktop to access application on any platform of server. Applications all run on server and then published to the client via a web-browser. I’ll talk about the details later, but for now on, let’s stick to the definition 
.
I’m doing a POC work on one of our customer for Sun Secure Global Deskop (SSGD). The customer uses Windows 2003 Server as the application server that hosts the application, and Windows XP as the client. Now the problem is, the customer wants to print from SSGD to his network printer installed at the client. The problem is, he doesn’t want to install the printer driver on the application server.
More >
Recent Comments