Tabla de contenidos para March/April 2025 en ADMIN Network & Security

ADMIN Network & Security|March/April 2025

The Vital Importance of Being Earnestly Vigilant

Security can seem like a comedy of errors, in that you have host-based firewalls, an intrusion detection system (IDS), an intrusion prevention system (IPS), security information and event management (SIEM), and mobile device management (MDM); you use network address translation (NAT), require a virtual private network (VPN) for remote connectivity, keep all your systems updated, keep an application safe list and a deny list, encrypt your in-flight and at-rest data, require frequent and complex password changes, read reams of CVEs, and track every possible vulnerability in the known galaxy. Yet, some unwitting user clicks on an email attachment that somehow made it through your spam filter and botches the entire network with malware that sends you and the rest of the IT staff scrambling for days. Yes, that’s the life…

3 min.

ADMIN Network & Security|March/April 2025

Close to the Chest

Zulip, Mattermost, and Rocket.Chat Spurred on by the huge success of tools such as WhatsApp and Telegram, increasing numbers of business users are now showing an interest in chat services as an alternative to email for internal company communication. Tools, bots, and plugins that integrate other applications directly into the chat forums are also useful. Office staff can discuss current business cases with coworkers in the team chat while a bot from the ticket system feeds information on currently open tickets and processing status. Slack is currently one of the most popular chat services for businesses, partly because it integrates with more or less any commercially available business application and tool. However, as with all cloud applications, you must be careful: Confidential company communications end up somewhere in the Amazon…

14 min.

ADMIN Network & Security|March/April 2025

Eruption

Application-aware batch scheduler The basic Kubernetes scheduler – kube-scheduler – does a great job of bin-packing pods into nodes, but it can result in a scheduling deadlock for the more complicated multipod jobs that are created by analytics and artificial intelligence and machine learning (AI/ML) frameworks such as Apache Spark and PyTorch. That means expensive cluster resources, such as GPUs, sitting idle and unavailable to any workload. Volcano scheduler is a Cloud Native Computing Foundation (CNCF) project that introduces the Queue and PodGroup custom resources to enable gang scheduling (i.e., the simultaneous scheduling of multiple related objects) and facilitate more efficient use of the cluster. Complex jobs run more reliably, and data engineers become more productive. In this article, I demonstrate default Kubernetes scheduling behavior with the use of short-lived…

13 min.

ADMIN Network & Security|March/April 2025

Production Line

Operating system images with bootc Container images generally only provide the components you need to run a specific application inside a container and do not include a Linux kernel, a bootloader, firmware, or similar components. Many workflows already in place create and manage container images for applications, typically with a zoo of tools that create an image, check it for vulnerabilities, and then publish it in a container store. This workflow would also be helpful for bootable system images – which is exactly where two projects, bootc [1] and bootc Image Builder [2], enter the scene. Containers for Operating Systems These bootc projects let you use the same workflow you have in place for application containers to create operating system containers. All you need is a containerfile or Dockerfile along…

4 min.

ADMIN Network & Security|March/April 2025

Linux Magazine Subscription

SUBSCRIBE shop.linuxnewmedia.com/shop Expand your Linux skills: • In-depth articles on trending topics, including Bitcoin, ransomware, cloud computing, and morel • How-tos and tutorials on useful tools that will save you time and protect your data • Troubleshooting and optimization tips • Insightful news on crucial developments in the world of open source • Cool projects for Raspberry Pi, Arduino, and other maker-board systems Go farther and do more with Linux, subscribe today and never miss another issue! @linux-magazine.com @linuxpromagazine Linux Magazine @linuxmagazine@fosstodon.orgu Need more Linux? Subscribe free to Linux Update Our free Linux Update newsletter delivers insightful articles and tech tips to your inbox every week. https://bit.ly/Linux-Update…

1 min.

ADMIN Network & Security|March/April 2025

Discovery

Inventory and manage your IT systems Open-AudIT helps you to discover all of your IT resources. The software automatically identifies the devices and applications on your network, giving you up-to-date information at any time, which, in turn, is a massive help for compliance policies and security guidelines. Open-AudIT also has an option for continuous monitoring of your network, not only with a view to detect unauthorized devices or applications, but also to identify and shut down potential vulnerabilities. The intuitive user interface does not require in-depth technical knowledge, and the installation and setup process is straightforward. Comprehensive reporting functions then help you make day-to-day decisions relating to your IT assets. You can create user-defined reports to analyze specific information and adapt your IT strategy according to the results. The software…

10 min.

ADMIN Network & Security|March/April 2025

Stow It!

Centrally manage configuration files Individual application configurations, saved in what are known as dotfiles, are hidden files typically kept in a user’s home directory. You can manage these files centrally in a number of ways. Applications usually search for their configuration either in a user’s home directory or in ~/.config, which is the default for the XDG_ CONFIG_HOME variable. It is part of the Cross-Desktop Group’s (XDG’s) generic XDG base directory specification [1], which includes several standards for the configuration of desktop applications and also applies to text-only applications. Of course, you’d be smart not to rely on your own configuration files being available simply locally but to store them centrally, as well (e.g., in a Git repository). A relatively easy approach would be to store all the dotfiles in a…

4 min.

ADMIN Network & Security|March/April 2025

Neat Packaging

Processing the new sudo logging format The Linux sudo command helps Linux administrators run specific programs in the context of another user, typically root. In this way, non-privileged users can run management programs on a system. The tool writes to a log to keep track of users who used sudo to run programs. The default format has been plain text, but from version 1.9.4, it can be configured to log in JSON format. sudo Logging By default, sudo uses syslog to send log messages, which means that, on a Linux system, the messages end up in the system journal. You can choose between JSON and sudo plain text as the log format. Text ensures that the messages are easy to read while keeping the amount of information that ends up…

5 min.

ADMIN Network & Security|March/April 2025

WRITE FOR US

Admin: Network and Security is looking for good, practical articles on system administration topics. We love to hear from IT professionals who have discovered innovative tools or techniques for solving real-world problems. Tell us about your favorite: • Interoperability solutions• Practical tools for cloud environments• Security problems and how you solved them• Ingenious custom scripts • Unheralded open source utilities• Windows networking techniques that aren’t explained (or aren’t explained well) in the standard documentation We need concrete, fully developed solutions: installation steps, configuration files, examples – we are looking for a complete discussion, not just a “hot tip” that leaves the details to the reader. If you have an idea for an article, send a 1-2 paragraph proposal describing your topic to: edit@admin-magazine.com. Authors Marcin Gastol 26 Mark Heitbrink 80…

1 min.

ADMIN Network & Security|March/April 2025

Tech News

Palo Alto Networks Introduces Cortex Cloud Palo Alto Networks has released Cortex Cloud, which merges Prisma Cloud with Cortex CDR. This new version offers cloud detection and response capabilities along with AI-powered prioritization, automated remediation, and a simplified user experience. According to the announcement, “Cortex Cloud identifies and prioritizes issues across the entire development pipeline with end-to-end context across code, runtime, cloud and newly introduced third-party scanners.” “Cortex Cloud identifies high-risk threats with precision using Cortex XDR’s best-in-class CDR agent, which achieved industry-leading results in the most recent MITRE ATT&CK testing,” says Elad Koren (https://www.paloaltonetworks.com/blog/2025/02/announcing-innovations-cortex-cloud/), VP of Product Management, Prisma Cloud in a related blog post. Read more at Palo Alto Networks: https://www.paloaltonetworks.com/cortex/cloud. Canonical to Provide 12 Years of Kubernetes Support Canonical is committing to 12 years of security maintenance…

9 min.

ADMIN Network & Security|March/April 2025

Future Proof

Post-Quantum Cryptography with TutaCrypt Quantum computing represents a seismic shift in technology, promising breakthroughs in numerous fields. But for cryptography, quantum computers are a looming threat. Experts are well aware that traditional asymmetric encryption methods are at risk from quantum algorithms such as Shor’s algorithm [1], which efficiently factorizes large numbers and could theoretically break RSA and elliptic curve cryptography (ECC). For symmetric encryption techniques such as AES, the quantum algorithm known as Grover’s algorithm [2] halves the effective key length, thus requiring longer keys to maintain security. The looming end of conventional cryptography has caused mathematicians to search for a new kind of encryption that will resist quantum attacks. In order to succeed in the post-quantum world, a new generation of cryptographic algorithms will need to avoid the dependence…

6 min.

ADMIN Network & Security|March/April 2025

Light at the End of the Tunnel

Self-hosted Pritunl VPN server with MFA A virtual private network (VPN) can typically be described as a solution that allows an encrypted secure connection, often referred to as a tunnel, to be established to a private network. Many people associate a VPN with remote working, whereby an employee would establish a VPN connection to their corporate network (e.g., from their home office), allowing them to access resources such as file shares, intranet sites, and internal applications securely. Although the prevalence of cloud solutions have certainly reduced the need for VPNs, deploying a VPN solution can be considered for many other reasons. In addition to secure remote access, VPN solutions offer enhanced security on free public WiFi, and they can also circumvent geo-restricted content by routing all Internet traffic over the…

8 min.

ADMIN Network & Security|March/April 2025

Small but Deadly

Mobile hacking tool The story of Flipper Zero began in 2019 when Alex Kulagin and Pavel Zhovner set about raising funds for their business idea on Kickstarter. The rest is more or less history. Ever since Flipper Zero went viral on Tiktok as a “Tamagotchi for hackers,” there was no holding it back. The media have repeatedly associated Flipper Zero with the same potential applications: replicating electronic cash (EC) or credit card data and unlocking cars and hotel rooms. Smartphones can also be unlocked in a matter of seconds. Of course, these are just the applications that make a splash in the media. These capabilities have also given rise to criticism. In Canada, the device was banned for a time because of its capabilities. The government has since lifted the…

10 min.

ADMIN Network & Security|March/April 2025

Putting On the Brakes

Denial of service defense The Hypertext Transfer Protocol (HTTP) forms the foundation for communication between web browsers and web servers. Slowloris [1] initially follows the usual procedure of an HTTP connection, but then disrupts processing of the request by sending an incomplete HTTP request at a very slow speed, as follows: (1) Slowloris uses TCP to open a client connection to the target server; (2) instead of sending a full HTTP request directly to the server, Slowloris begins a request and then continuously, but very slowly, adds headers without ever completing the request; (3) the server fields all of the header data and waits for the request to complete, keeping the connection alive; and finally, (4) because the server can only process a limited number of simultaneous connections, a…

5 min.

ADMIN Network & Security|March/April 2025

A Helping Hand

Open source ticket system From the outset, OTOBO’s developers designed for efficiency, adaptability, and visual appeal. With features such as Docker support, dynamic forms, and full-text search, the software enables fast information extraction and can be customized to your organization’s needs. The free software makes full use of the possibilities of modern IT service management systems and offers a platform for an active community. The help desk system aims to be a cost-efficient technological alternative to proprietary products, to which its sophisticated features contribute. OTOBO [1] offers a range of advanced features for efficient and effective ticket processing. One of its key features is its ability to connect to Active Directory (AD) and other services that use the Lightweight Directory Access Protocol (LDAP) to support centralized management of user accounts…

11 min.

ADMIN Network & Security|March/April 2025

Secret Symbols

Passwords, passphrases, and passkeys The classic password has a long history and the terms, along with the times, are a-changing. At the end of the day, everyone still uses passwords, but the term passphrase, for example, describes a different way of creating and remembering them. After all, every attempt to access something starts with a secret that has to be resolved and handed over. One part of the puzzle is the username, which identifies the owner. Under normal circumstances, the owner should be the only person who has the key to access. When generating a password, the user faces two challenges: the need to generate a secure password, and the need to remember it. Unrealistic Rulesets Bill Burr wrote the official password guide for the U.S. National Institute of Standards…

15 min.

ADMIN Network & Security|March/April 2025

ADMIN 87

Our next issue will be packed with all the great content you expect from ADMIN. Here are a few of the upcoming articles: ◼ Visualizing File Access Patterns◼ NAPS2 SDK◼ OCR Tools◼ Netdata◼ And much more! Please note: Articles could change before the next issue. BE THE FIRST TO SEE WHAT’S NEXT Subscribe free to the ADMIN Preview newsletter and get a sneak peek at every article included in the next issue of ADMIN. Sign up today at https://bit.ly/admin-preview Image © artnovielysa, 123RF.com…

1 min.

ADMIN Network & Security|March/April 2025

Behind the Mask

Anonymization and pseudonymization of data Data anonymization and pseudonymization are not just technical approaches but should be key factors in every organization’s data protection strategy. Whereas anonymization aims to modify personal data such that the data subject cannot be identified, pseudonymization aims to make identification more difficult by replacing identifiers with pseudonyms. These techniques are particularly relevant in the context of Europe’s General Data Protection Regulation (GDPR), which stipulates strict requirements for the handling of personal data, requiring businesses to implement robust mechanisms that ensure both data integrity and data protection. Implementing anonymization and pseudonymization techniques is technically demanding and poses numerous challenges, including ensuring data quality and usefulness after anonymization and providing protection against re-identification risks. At the same time, these techniques offer immense opportunities, particularly with a view…

13 min.

ADMIN Network & Security|March/April 2025

Doing Without

Serverless applications with OpenFaaS In the rapidly evolving world of software development, one of the most transformative shifts in recent years has been the rise of serverless computing. This approach allows developers to focus on building and deploying code without having to worry about the underlying infrastructure. Open-FaaS (function as a service) [1] is a popular open source framework that enables serverless functions on any infrastructure, including public cloud environments, private data centers, or even on-premises Linux servers. Environment Setup Before diving in, ensure you have the following prerequisites in place: ◼ Ubuntu Server: an on-premises machine or cloud virtual machine (VM) running Ubuntu (20.04 LTS or later is recommended) with sudo privileges.◼ Kubernetes cluster: OpenFaaS runs on Kubernetes, so you need access to a Kubernetes cluster.◼ Docker: to build and…

8 min.

ADMIN Network & Security|March/April 2025

Contained

Simplify your migration from Docker to Podman Commercialization of open source projects and haggling over licensing issues are gnawing away at the acceptance of free software. This not uncommon switch to a commercial future often sounds the death knell for the community’s willingness to participate in ongoing development. An unclear licensing policy on the part of Docker developers has led to many controversies in the past, and an audit clause now imposes an additional burden on IT departments. Little wonder then that Red Hat, SUSE, and other Linux distributions replaced Docker with Podman years ago. To future-proof your own IT infrastructure, you need to be able to plan for the long term. And long discussions about licenses are likely to be counterproductive. Enter Podman [1], the open source project that…

12 min.

ADMIN Network & Security|March/April 2025

Tracker

Identify malicious traffic with Maltrail As digitalization makes further headway into business processes, the vulnerability of IT infrastructures increases. Just one undetected vulnerability could open the door to potential attackers. Even if 100 percent protection remains an illusion, organizations need to be proactive in the face of an increasingly stressful security landscape. Maltrail is a free tool that can be a useful addition in your search for would-be attackers on your network. Detection Managing legacy intrusion detection and intrusion prevention systems involves a great deal of effort, partly because hybrid approaches consisting of intrusion detection (IDS), hostbased intrusion detection (HIDS), and network-based intrusion detection (NIDS) systems are required. However, managing Maltrail is child’s play. To identify malicious traffic on your network, Maltrail uses publicly available lists that point out critical…

8 min.

ADMIN Network & Security|March/April 2025

Get to know ADMIN

ADMIN is packed with detailed discussions aimed at the professional reader on contemporary topics including security, cloud computing, DevOps, HPC, containers, networking, and more. Subscribe to ADMIN and get 6 issues every year Want to get ADMIN in your inbox? Subscribe free to ADMIN Update and get news and technical articles you won't see in the magazine. bit.ly/ADM IN-Update @admin-magazine.com @adminmag ADMIN magazine @adminmagazine@hachyderm.io…

1 min.

ADMIN Network & Security|March/April 2025

Spy Story

Remote access with Tactical RMM The remote monitoring and management (RMM) process is slightly confusing because it takes the established term “monitoring” out of its usual context and uses it in a different way. Most administrators likely think instinctively of tools that monitor servers in the data center (e.g., Nagios or Prometheus). However, that’s not what RMM is about; instead, it focuses on an organization’s clients, monitoring them remotely with various metrics so that, if something goes wrong with a computer, the alarm bells sound for the admin in charge. Monitoring and, in particular, managing mobile clients require different tools and processes from monitoring static servers in a data center. In this scenario RMM providers enter the play: RMM is basically remote monitoring by an agent component with the option…

12 min.

ADMIN Network & Security|March/April 2025

Toughen Up!

Designing a secure Active Directory Active Directory (AD) does not have a good reputation among many IT security specialists, and more than one admin thinks it should be removed as soon as possible. Of course, survivorship bias plays a role in such thoughts – infrastructures that require high-caliber specialists to rescue the day are ultimately those where the greatest discrepancy between lure for attackers and the degree of hardening exists. In this article, I use the term “hardening” to refer both to IT infrastructures themselves and to the people and processes involved in managing them. Active Directory can be run in a pretty much secure way if the organization involved is at least prepared to drop old habits and invest in a secure, state-of-the-art design instead of just in third-party…

18 min.

ADMIN Network & Security|March/April 2025

NEWSSTAND

Order online: bit.ly/ADMIN-Library #85 – January/February 2025 Monitoring We look at infrastructure and systems monitoring and evaluate the tools needed to scale or store data in the long term for analysis. On the DVD: Fedora Server 41 #84 – November/December 2024 Non-Relational Databases NoSQL databases manage data unsuitable for table-based relational databases and deliver efficiencies in scaling and high availability. On the DVD: Ubuntu 24.04 LTS Server “Noble Numbat” #83 – September/October 2024 Storage Improved management, suitable drivers, standardized protocol structures, and advancements in future-proof hardware and software lead to more durable, more manageable, and easier-to-repair storage. On the DVD: TrueNAS SCALE 24.04 “Dragonfish” #82 – July/August 2024 Sovereign Cloud Stack SCS liberates your data centers from monopolistic operations and companies beholden to out-country laws and regulations. On the DVD:…

1 min.