aelius

Se supara cineva daca inchid threadul asta? E o discutie interminabila, fara sens. Completati de pomana petitii online si discutati la fel. Si nu mai credeti tot ce se scrie in presa. Sunt doar ziaristi halitori de rahat si sunt in stare sa faca orice pentru audienta.

Vad ca ai "11 point(s) total" - Nu stiu dupa ce criterii vBulletin calculeaza reputatia. Pare in regula, nu este vorba de un abuz. In cel mai rau caz, de o eroare (insa nu este cazul). Eu am 262 puncte si imi afisaza rep power 10. Serios, chiar nu sta nimeni sa "manareasca" rep power-ul userilor.

In yet another washup from the Snowden revelations, the developers of FreeBSD have decided to take several steps backwards in their crypto work, to stop using hardware random number generators (RNGs). The two hardware RNGs singled out by the FreeBSD developers in this post are Intel's RDRAND (in Ivy Bridge processors), and VIA's Padlock. The decision was made at the FreeBSD Developer Summit, held in Malta in September, but the decision to pull the hardware RNGs didn't attract any attention at the time. “For [FreeBSD] 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random. It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more”, the post states. One solution on offer from Polish developer Pawel Jakub Dawidek, the post states, is to use the time it takes to attach devices at boot time, and feed these numbers into /dev/random: “it turns out that one can get about 4 good bits of entropy from each device”. Among the many things Edward Snowden's documents have suggested is that the NIST's crypto standardisation efforts were nobbled by the NSA. This confirmed long-standing knowledge that the Dual Elliptic Curve Deterministic Random Bit Generator is weak, leading to RSA abandoning it in September. Not everybody believes that RDRAND falls into the same category. Linus Torvalds, for example, dismissed concerns about the instruction, telling the author of an online petition to yank the command from Linux “we actually know what we're doing. You don't”. In that debate, Torvalds pointed out that RDRAND isn't the only source of entropy for values streamed into /dev/random in a Linux implementation. Source: FreeBSD abandoning hardware randomness • The Register Personal note: You can use EGD instead of standard '/dev/random'. Also, you can use it for apache (httpd) in https configurations.

The latest release of the Firefox web browser, version 26, now blocks Java software on all websites by default unless the user specifically authorizes the Java plugin to run. The change has been a long time coming. The Mozilla Foundation had originally planned to make click-to-run the default for all versions of the Java plugin beginning with Firefox 24, but decided to delay the change after dismayed users raised a stink. Beginning with the version of Firefox that shipped on Tuesday, whenever the browser encounters a Java applet or a Java Web Start launcher, it first displays a dialog box asking for authorization before allowing the plugin to launch. Users can also opt to click "Allow and Remember," which adds the current webpage to an internal whitelist so that Java code on it will run automatically in the future, without further human intervention. Mozilla's move comes after a series of exploits made the Java plugin one of the most popular vectors for web-based malware attacks over the past few years. So many zero-day exploits targeting the plugin have been discovered, in fact, that the Firefox devs have opted to give all versions of Java the cold shoulder, including the most recent one. Generally speaking, Mozilla plans to activate click-to-run for all plugins by default, although the Adobe Flash Player plugin has been given a pass so far, owing to the prevalence of Flash content on the web. In addition to the change to the default Java plugin behavior, Firefox 26 includes a number of security patches, bug fixes, and minor new features. The official release notes are available here and a full list of changes in the release can be found here. As usual, current Firefox installations can be upgraded to version 26 using the internal update mechanism, and installers for the latest release are available from the Firefox homepage. Source: http://www.theregister.co.uk/2013/12/10/firefox_26_blocks_java/

Se refera la faptul ca utilizatorul ce a deschis threadul (adica tu) nu este de incredere iar aplicatia postata este un stealer. Tie nu iti pare ilogic sa ai username clitoris pe un forum IT ?

Am remarcat ca in ultima vreme am fost invadati de tot felul de indivizi, marea majoritate venind de pe irc (dupa vocabular). Ar fi de preferat ca cei care intra aici si doresc sa vanda ceva pe RST Market, sa aduca si un beneficiu acestei comunitati: un tutorial, o stire de securitate, un mic ajutor celorlalti utilizatori. Serios, aici nu e mercador. De asemenea, cand doresc sa vanda servere, sa spuna ce anume vand mai exact: server linux, distributie, model cpu, memorie. S-a umplut forumul de "vand root uid0 eth0". Ce saracia e asta fratilor? Eu o vad ca pe o bataie de joc si o sa incep sa dau warn-uri unde vad asa ceva. Invatati ce inseamna termenii pe care-i folositi! - root: Nu, nu este un server de scan. Este un utilizator cu drepturi depline intr-un sistem *nix - eth0: Reprezinta primul device de retea intr-un sistem linux. Va incomodeaza daca se numeste rl0, fxp0, em0, bge0? - uid0: Pai daca ati spus ca vindeti ROOT, poate el avea alt USER ID decat 0 ? E ca si cum ati spune ca vindeti masina cu volan si claxon.

Haideti sa vedem impreuna starea vremii: http://www.vremeainpulamea.ro/?oras=Brasov Si un oras inexistent: http://www.vremeainpulamea.ro/?oras=wegrbsfngn

Microsoft has released 11 Security Patch this Tuesday, including one for CVE-2013-5065 zero-day vulnerability, recently discovered Local privilege escalation vulnerability that could allow a hacker to launch an attack using corrupted TIFF images to take over victims' computers. FireEye researchers said they found the exploit in the wild being used alongside a PDF-based exploit against a patched Adobe Reader vulnerability. December's Patch Tuesday update bundle brings five bulletins ranked critical, including a patch for a vulnerability that could allow remote code execution in Internet Explorer and another remote code execution vulnerability in Office and Microsoft Server is also addressed. Other patches addressing remote code execution vulnerabilities in Lync, all versions of Office and Microsoft Exchange. All supported versions of Windows, from XP to RT and 8.1, are affected by at least one of the critical vulnerabilities. The Six Security bulletins rated important deal with local elevation of privilege vulnerabilities in Windows and Microsoft Developer Tools. Users are recommended to upgrade to Windows 7/above or Linux Distributions, and make sure that you have installed the latest versions of Adobe Reader. Microsoft has also released an updated version (1.163.1657.0) of the Windows Malicious Software Removal Tool. Source: Microsoft released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability About CVE-2013-5065: CVE - CVE-2013-5065 and the confirmation from Microsoft: http://technet.microsoft.com/en-us/security/advisory/2914486

Google announced that it detected a French government agency using unauthorized digital certificates for several Google domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "Serious Security breach", discovered in early December. These bogus certificates were fraudulently signed by the certificate authority of DG Trésor, the French Treasury and Cyber Defense agency known as ANSSI. Google has immediately updated Chrome’s certificate revocation list to block all dodgy certificates issued by the French authority. ANSSI said that the intermediate CA certificate was used to inspect encrypted traffic with the user's knowledge on a private network with a commercial device i.e. Snooping on its own users’ Internet usage. Last year, a Turkish certificate authority called 'Turktrust' was revealed to have issued two subordinate certificates for the domain gmail.com, and that these certificates had been used to intercept Gmail users’ traffic. NSA is also alleged to have used man-in-the-middle attacks through unauthorized certificates against Google in the past. Google said, "We're now working to bring this extra protection to more users who are not signed in." Source: Fake Google SSL Certificates, Made in France

LinkedIn's iOS application is prone to a vulnerability that may permit remote attackers to execute arbitrary code. Security Researcher Zouheir Abdallah has disclosed HTML parsing vulnerability in LinkedIn iOS an app, that can be used to phish for credentials or be escalated into a full blown attack. LinkedIn's vulnerability occurs when the messaging feature of LinkedIn's mobile app parses invalid HTML and an attacker can exploit this vulnerability remotely from his/her account, which could have serious impact on LinkedIn's users. He created Proof of concept of the flaw and submitted it to the LinkedIn Security team in September 2013. Later in October 2013, the vulnerable application was patched. One of the possible attack vector is that, using this vulnerability attacker can easily phish LinkedIn user on iOS app. As shown in the screenshot, POC message says: The iOS app will display the url without the hyperlink embedded in the HTML a href , and the receiver of the message will not even know that he is being redirected to a malicious site. The phishing site can be a replica of LinkedIn and tricks the victim into giving out his username and password. This attack can also be used against LinkedIn users by claiming that, they have to re-authenticate to view some article on LinkedIn. The Same attack could also work on different devices such as Android and Blackberry, but he couldn’t test as he didn’t have other handsets at hand. LinkedIn doesn't have a Bug Bounty program neither a Hall of Fame, nevertheless he received a symbolic token of a Shirt, Mug, and a thank you note from LinkedIn's security team. Zouheir is known for reporting a serious vulnerability in DropBox's 2 Factor Authentication back in July 2013. Source: LinkedIn iOS app HTML Message Parsing Vulnerability

Merci pentru raspuns. Discutiile o sa fie publice, asa se face intr-o comunitate.

Salut Rares, In ce fel de sisteme ai cunostinte de securitate ? As fi interesat sa discutam despre o solutie de securitate pe layer 7. -

Ca o nota la acest thread: Nu alegeti tot timpul calea usoara. De asemenea, e o idee buna sa incercati LFS. Eu m-am jucat prima oara cu linux pe la sfarsitul lui 1996 (red hat colgate). Daca totul merge cu managerul de pachete, nu inveti nimic. E ca la windows (click, click, next). Cautati sa va compilati singuri pachetele, sa instalati dependinte si sa vedeti cum lucreaza fiecare in parte. Slackware era respins de multi pentru ca era mai 'hard' spre diferenta de debian (cele mai vechi distributii de linux)

Asta e "maxima" chestia. Eu as fi optat totusi si pentru un sicriu

It's not surprising that FBI uses malware to track the activities and location of suspects. A New article published by Washington Post covers the story about FBI using malware for surveillance to track suspect's movements. FBI team works much like other hackers, targets suspects with the Spear Phishing technique that will attempt to exploit vulnerability in the target's machine and installs malware. The malware then collects information from the infected machine and send it back to FBI's server. The malware is also capable of covertly activating webcams. In a bank fraud case, Judge Stephen Smith rejected FBI request to install spyware in the suspect's system in April. Smith pointed out that using such kind of technologies ran the risk of accidentally capturing information of others who are not involved in any kind of illegal activity. In another case, another judge approved the FBI's request in December 2012. The malware also successfully gathered enough information from the suspect's system and helped in arresting him. In another case, July 2012, an unknown person who is calling himself "Mo" from unknown location made a series of threats to detonate bombs at various locations. He wanted to release a man who had been arrested for killing 12 people in a movie theater in the Denver suburb of Aurora, Colo. After investigation, they found out Mo was using Google Voice to make calls to Sheriff , he also used proxy for hiding his real IP. After further investigation, FBI found out Mo used IP address located in Tehran when he signed up for the email account in 2009. In December 2012, judge approved FBI's request that allowed the FBI to send email containing surveillance software to the suspect's email id. However, the malware failed to perform as intended. But, Mo's computer sent a request for info to FBI's server from two different IP address. Both suggested that he was still in Tehran. Source: http://www.ehackingnews.com/2013/12/fbi-uses-spear-phishing-technique.html

More than 30 India's state 'Rajasthan' Government websites has been hacked and defaced by a Pakistani hacker named as "H4x0r HuSsY". The motivation of the hack is appeared to be increasing defacement notification in Zone-h. The hacker claims he is the "person with the highest number of special (.IN) Notifs." "Proved to be Hell For India! I might Opt Out of the Cyber World As I don't get much time. But Here's a Peace Message. To All Indian Hackers etc etc U Gotta Look at my Zone-H Archive Whenever you have Intentions of hacking (.PK) Sites" The defacement message reads. It appears hacker does not like to deface the main page because it will be easily detected by admins. He just uploaded 1337.html which contains the defacement contents instead. This is not the first time these Rajasthan Government Government websites being hacked by Pakistani hackers; Last year, KhantastiC haXor defaced them. The hacker also mentioned that the server was previously compromised by the Khantastic and he again compromised the server with another security flaw in the server. In july 2013, H4x0r HuSsY also hacked more than 15 Goa government websites. // Mai bine le zicea H4x0r PuSsY nu HuSsY ;-) Sursa: Over 30 Rajasthan Government websites hacked by Pakistan Hacker "H4x0r HuSsY" - E Hacker News

When Google took the wrapper off its Amazon-like Compute Engine service last week, investors in rival cloud companies – including Amazon – panicked. Shares in Amazon and the OpenStack-backer Rackspace fell as investors feared Mountainview would translate its dominance of internet search and ads to cloud hosting. There's certainly a new chapter opening in the battle to own the cloud, signified by Amazon, Google and others announcing new features and strategies. They all want one thing: to rent your data to you by becoming your outsourced data centre provider. But Amazon isn't the one likely to feel the heat - not any time soon. And this isn't a battle for number one - at least not yet. Currently, we're looking at a battle for the number two, and it's a battle that'll be waged between Google and Microsoft, based on the customers they can leverage and their level of drive and determination. OpenStack, Rackspace and those pitching the "open cloud" aren't in the race for number two. Based on size and growth, Amazon's AWS is the one to beat. The S3 storage service component of EC2 at last count in April held 2 trillion objects - that was up from 1.3 trillion five months before 1 trillion 10 months before that. S3 is growing like a hockey stick: it took six years to hit 1 trillion objects, but now it's going straight up. Meanwhile, Microsoft claimed 8.5 trillion objects in rival Windows Azure cloud in June, but such claims are worth taking with a pinch of salt. They came out after Amazon's statistic and Windows Azure is several years younger than AWS. Judging by the places where cloud companies are making changes by introducing new features, the target demographic for rapid growth is the business customer. Business customers have have warehouses full of data, most of which is considered mission-critical to something or other. Once you've got them on your platform, it's difficult for them to move because data is sticky and heavy. Amazon has been adding more business-class features to AWS for the years and in the last month it added PC virtualisation, app streaming, high-throughput storage, identity management and data stream processing options to EC2. Not so fast, Google... Since when were you the biz bods' choice? Now Google is gunning for business customers. Business customers are a ripe target: they like the idea of outsourcing their servers but in truth want something less Amazon-y, especially the Microsoft shops. Microsoft shops want to re-use their existing skills and investments. Also, they want the kind of security and SLAs that come with Microsoft. Redmond is big in business, so it's a natural fit. Google's has business customers - just not so many. Its customer base is mostly consumer thanks to internet search and ads, but it has been making a business play. Also, it has been signing up more companies to Google Apps. If you don't think Google can do this, just remember Amazon was an online book shop before it became a supplier of enterprise IT. If you don't like Microsoft or Amazon and don't trust Google, there is another option: OpenStack. This sprung to life in 2010 as a project at NASA with Rackspace – one provided the compute while the other contributed storage components. OpenStack was supposed to sow the seeds for an open cloud, with a project like Linux - hence it was described as Linux for the cloud. A thousand OpenStack clouds were supposed to bloom. Problem is, OpenStack has not found its launchpad moment. There has been plenty of enthusiasm and developer interest: More than 517 contributors and 230 new features at last count in April. Industry support has poured in from AT&T, IBM, Cisco, Hewlett-Packard, Dell, Juniper, Rackspace and Red Hat. But we're not seeing the public OpenStack cloud deployments. The biggest we have is HP's Public Cloud service in September 2011, but two years on HP is not talking business, revenue or customers. And now, even NASA has dumped OpenStack for Amazon, as the consultants who built its OpenSack implementation left long ago to go into consulting and development. The problem seems to have be OpenStack's customisability: There's too much choice and too much focus on features. The result has been a handful of OpenStack consultants and specialists working the cloud scene on a number of customer implementations. That's great for the consultants but bad for mass-market, public adoption of OpenStack because it remains too rocket-sciency for the average adopter. HP faced problems getting OpenStack up and running thanks to the paucity of knowledge and its own lack of internal experience. Until last week, the battle for biz cloud appeared to be a comfortable two-way fight between Amazon and Microsoft. The former had a huge lead on customers and features, while the latter kept launching new features and price packages to catch up. Amazon would respond with more new features and lower prices. Google opens up a new front for Amazon. You're unlikely to see Amazon flinch, not yet at least. Not until Microsoft and Google have finished punching each other up. Sursa: Amazon won't break into sweat about Google's cloud. Yet • The Register // nota personala: Parerea mea este ca Google mai are mult de invatat pana sa ajunga la nivelul lui Amazon. De acord, sistemul de la Amazon este foarte stufos insa e destul de profesional incat sa dea clasa la orice concurent in momentul de fata.

nterview A TrueCrypt audit project has uncovered a well of technical support with its plans to publicly audit the widely used disk and file encryption utility for the first time. TrueCrypt is a widely used utility that encrypts and decrypts entire drives, partitions or files within a virtual disk. The tool can also hide volumes of data on discs. The TrueCrypt audit project raised enough money to pay for a professional review of the software within days of its launch. The Register recently caught up with one of the two founders of the project – Kenneth White, principal scientist at biotechnology firm Social & Scientific – to find out more about where the project goes from here. The Reg: You've achieved your early funding goals but will carry on accepting donations because there's much more you'd like to do, such as the bug bounty? Kenneth White: On IndieGoGo, you have to set a funding time range, so the 60 days was arbitrary, and, at the time we thought $25,000 was a pretty ambitious stretch goal. It turns out we hit that target in the first four days of the campaign. But yes, we've set our sights high in terms of what we would like to accomplish. We have formed a technical advisory panel and are discussing different strategies to make best use of our funding, perhaps a combination of professional security engineering analysis, academic review and public research. We are also in talks with a couple of non-profits who have offered to co-sponsor the work, but several details [need] to be worked out. The Reg: Are there any historic precedents for your project? Do you think the same idea could be applied to evaluating other security packages? I understand that you want to do TrueCrypt first but am wondering if this type of kick-starter idea might be applied to other security projects, by yourself or others, in future? White: The closest with TrueCrypt was by the 2008 review by engineers working with privacy-cd.org. But more broadly, the best model we have seen - and [one which we] hold as our standard - is the recent public review (PDF) of SecureDrop by the University of Washington CS Engineering Department, along with Bruce Schneier and Jacob Applebaum. The Reg: A security researcher has compiled TrueCrypt 7.1a for Win32 and matched the official binaries. Xavier de Carné de Carnavalet, a master's student in information systems security at Concordia University, Canada, claims he achieved what few others have managed so far. I know confirming the Win executable matches the source code was one of your goals. So does Xavier's work satisfy this or is further confirmation needed? Is Xavier affiliated with yourselves? White: It's a necessary first step, and we were impressed by Xavier's work. He's not affiliated, but has offered to help. He's a very talented engineer, and very humble. The Reg: What does the future hold? White: With the recent NIST recall and subsequent third party review of their entire "body of existing cryptographic work", I suspect there will be many more stories to come. Source: TrueCrypt audit project founder: 'We've set our sights high' • The Register

The Russian government has charged a group of people with organized crime offenses related to the creation and use of the Blackhole malware kit. Word first leaked out via Europol in October that a man going by the alias "Paunch", who was suspected of being the creator of the infamous crimeware tool, had been arrested in Russia. On Friday, the Russian Ministry of Internal Affairs Investigation Department posted a notice that a total of 13 individuals had been charged with crimes under Article 210 of the Criminal Code of the Russian Federation, which covers "creation of a criminal community (criminal organization) and participation therein." According to the Ministry's press release, the group used Trojan horse programs and other malware to engage in "massive embezzlement of funds from the accounts of individuals and legal entities," to the tune of about 70m Russian rubles ($2.1m). Russian banks throughout Moscow, Tyumen, Ulyanovsk, Krasnodar, Petrozavodsk, and the Kursk region were reportedly targeted in the scheme. All of that seems to have come to an end now, however, as security researchers report that the Blackhole kit stopped being updated shortly after the suspects were arrested – aren't life's little coincidences funny sometimes? – and cybercriminals have reportedly begun moving on to other tools. None of the accused were named in the Russian government's notice. Under Russian law, anyone convicted under paragraph 1 of Article 210, "creation of a criminal community (criminal organization) for the purpose of committing one or several grave or especially grave crimes," faces imprisonment for 12-20 years and fines of up to 1m rubles ($30,600). The accused have also been charged under paragraph 2 of Article 210, "participation in a criminal community (criminal organization) or in an association of organizers, leaders, or other representatives of organized groups," which carries an additional penalty of 5-10 years' imprisonment and fines up to 500,000 rubles ($15,300). The accused are all currently being held under "pretrial restraints," although no date was given for when the case is expected to be brought before a judge Source: Russia charges 'criminal organization' behind Blackhole malware kit • The Register

Thirteen US defendants last week pleaded guilty to taking part in attacks by Anonymous against PayPal. The US Department of Justice (DoJ) said the accused had all admitted to carrying out a Distributed Denial of Service (DDoS) cyber-attack against PayPal in December 2010 in protest against the payment processing firm's decision to stop handling donations to WikiLeaks over the Cablegate affair. One of the defendants also pleaded guilty to a separate cyber-attack on the website of Santa Cruz County. In a plea agreement, the accused admitted using the Low Orbit Ion Cannon tool, Anonymous's favourite website flooding utility, to hit PayPal as part of “Operation Avenge Assange”. The 13 defendants pleaded guilty to computer hacking offences. In a DoJ statement, the accused were named as: Christopher Wayne Cooper, 26 (AKA Anthrophobic), from Elberta, Alabama; Joshua John Covelli, 28, (AKA Absolem) from Fairborn, Ohio; Keith Wilson Downey, 29, from Jacksonville, Florida; Mercedes Renee Haefer, 22, (AKA No) from Las Vegas, Nevada; Donald Husband, 32, (AKA Ananon) from Fairfield, California; Vincent Charles Kershaw, 29, (AKA Trivette, Triv, and Reaper) from Fort Collins, Colorado; Ethan Miles, 36, from Flagstaff, Arizona; James C. Murphy, 39, from Baldwin Park, California; Drew Alan Phillips, 28, (AKA Drew010) from Santa Rosa, California; Jeffrey Puglisi, 30, (AKA Jeffer) from Clinton Township, Michigan; Daniel Sullivan, 24, from Camarillo, California; Tracy Ann Valenzuela, 44, from Napa, California; and Christopher Quang Vo, 24, from Attleboro, Massachusetts. Covelli also pleaded guilty to executing a DDoS attack (with another defendant, presently a fugitive) against the Santa Cruz County web server, which the Feds reported him as saying was "in retaliation" for the break-up of a local protest camp by the City of Santa Cruz. Covelli and others, calling themselves the “People’s Liberation Front” or “PLF” and claiming to allegiance to Anonymous, launched a DDoS against Santa Cruz County’s website as part of “Operation Peace Camp 2010”. All 13 defendants were released on bail pending sentencing hearings scheduled for November and December 2014. Last week eBay chairman Pierre Omidyar called for leniency in the prosecution of those accused of playing a part in DDoSing PayPal. He pointed out that the accused are part of thousands who took part in the protest. There's no particular suggestion that any of the accused can be properly described as ringleaders in the protest but despite this and even after their guilty pleas, the suspects are still at risk of finding themselves behind bars for a prolonged stay at Club Fed. The PayPal DDoS prosecution follows an investigation by the Federal Bureau of Investigation, along with cooperation from PayPal. Authorities in the Netherlands, Germany and France have also taken their own investigative and enforcement actions. The National Cyber-Forensics and Training Alliance also provided assistance in investigating the high profile case. Source: PayPal 13 plead guilty to launching DDoS attacks • The Register

Ai recompilat kernelul, da ? Ceva nu s-a pus bine acolo, banuiesc ca e de la vechea versiune de kernel system-mapul ala. Ai asta aici ? "/usr/src/linux/System.map" Daca fisierul e acolo si ai recompilat kernelul, copiaza fisierul ala in system.map cp [COLOR=#000000]/usr/src/linux/System.map [/COLOR][COLOR=#333333]/boot/System.map-2.6.32-220.el6.x86_64[/COLOR]

Thank you. I use another theme. (should be fixed now) // edit: done, merci

Un singur DL380 cu link de 10Gbps (nu mai stiu placa de retea ce era, dar faceam tcp offloading si cu ea). Serverul mai ducea inca. Request-urile erau de la un botnet cu http flood. Ce zice 'uname -r' ? Asigura-te ca este asa: /boot/System.map-$(uname -r); Sa nu fi copiat tu aiurea dupa recompilare.

Linux -> Debian (nota: am folosit multi ani Slackware). In rest ... FreeBSD (dar asta nu e linux) De ce Debian ? - Simplitate in utilizare si administrare. Pachetele sunt relativ ok. Se descurca bine cu dependintele iar managerul de pachete este super. De ce FreeBSD ? - Suport networking (carp - failover, load balancing), management foarte bun pe resurse, packet filter (de sute de ori mai bun decat iptables), high available storage, suport bun ZFS si multe altele. - Un alt plus: Suporta TUNING la "nesimtire". Am tinut cu un FreeBSD si un nginx modificat putin in jur de 800.000 de requesturi http pe secunda.

Content delivery network (CDN) specialist Akamai Technologies is acquiring Prolexic in a bid to extend its web optimization and security offerings. Prolexic is a natural extension for Akamai, as the hybrid CDN/security model has been on the rise. Akamai will acquire all of the outstanding equity of Prolexic in exchange for a net cash payment of approximately $370 million, after expected purchase price adjustments, plus the assumption of outstanding unvested options to purchase Prolexic stock. Prolexic gives Akamai (AKAM) further cloud-based security for protecting data centers and enterprise IP applications from distributed denial of service (DDoS) attacks. DDoS attacks can temporarily cripple a organization, preventing legitimate users from accessing a service. “Any company doing business on the Internet faces an evolving threat landscape of attacks aimed at disrupting operations, defacing the brand, or attempting to steal sensitive data and information,” said Tom Leighton, CEO of Akamai. “By joining forces with Prolexic, we intend to combine Akamai’s leading security and performance platform with Prolexic’s highly-regarded DDoS mitigation solutions for data center and enterprise applications protection. We believe that Prolexic’s solutions and team will help us achieve our goal of making the Internet fast, reliable, and secure.” Companies like CloudFlare that provide a hybrid of CDN and security services have captured a lot of the consumer market, and stand as a possible future threat to Akamai’s business. Akamai needs to evolve, and it is doing so here. Akamai is firmly rooted in the higher end of the market and will maintain its position by expanding its portfolio of security solutions, in addition to content delivery services. The acquisition means businesses can acquire performance and DDoS mitigation from a single vendor. “Today, business is defined by the availability, security and latency of Internet-facing applications, data and infrastructure,” said Scott Hammack, CEO at Prolexic, which has been a pioneer in DDoS defense. “Being able to rely on one provider for Internet performance and security greatly simplifies resolution of network availability issues and offers clients clear lines of accountability. We believe that, together, we will be able to deliver an unprecedented level of network visibility and protection.” Akamai intends to provide customers with a comprehensive portfolio of security solutions designed to defend an enterprise’s Web and IP infrastructure against application-layer, network-layer and data center attacks delivered via the Internet. Source: Akamai Acquires Prolexic to Protect Customers From DDoS Attacks | Data Center Knowledge