Unpatched Vulnerabilities page

Ha egy ilyen To Do List-em lenne, elmennék nyaralni, mert vagy elintéződik magától, vagy bedől az oldala, de a vége nem látszik.

The Not So Real Time Monitoring of Reported Unpatched Vulnerabilities page here in CoU has been updated today.
Changes
Adjustment on number of unpatched advisories for the following products:

  • Windows Vista – 1 out of 0 to 1 out of 2
  • Windows XP Pro – 32 out of 170 to 32 out of 177
  • Windows XP Home – 29 out of 155 to 29 out of 161
  • Windows 2000 – 24 out of 146 to 24 out of 151
  • Outlook 2003 – 1 out of 12 to 1 out of 14
  • IE 7 – 3 out of 4 to 4 out of 6
  • IE 6 – 19 out of 110 to 19 out of 111
  • Firefox 2 – 1 out of 2 to 2 out of 3
  • Office 2003 Pro – 8 out of 31 to 5 out of 32
  • Office XP – 6 out of 35 to 3 out of 35
  • Windows Defender – 0 out of 1 (added in the list)
  • Live OneCare – 0 out of 1 (added in the list)
  • Trend Micro Anti-spyware – 0 out of 1 (added in the list)

Single Day Event On: 2/14/2007

Source: Unpatched Vulnerabilities page

SAN and NAS virtualization

 

After some years of false starts and false hopes, storage virtualization, also known as block virtualization, is finally proving its worth. All the major vendors have embraced it, most notably IBM, EMC, and HDS (Hitachi Data Systems); the solutions themselves have improved; and customers, typically large shops managing large SANs with intense data availability requirements, understand how to deploy it and where to get good ROI. No longer a technology in search of a problem, storage virtualization offers a way to address a wide range of storage management woes.

Source: SAN and NAS virtualization

Novell offers faster virtualized Windows

No, mindenkinek kezébe került az IBM kb 30 évvel ezelőtti dokumentációja a mainframe-ek op.rendszereinek működéséről. Lassan keresztbe-kasul virtualizálunk eltérő platformokat (mint egy “rendes” hippy communában),  a lényeg azonban, hogy egy op.rendszer alapvető része a virtualizálás (bármely alkalmazás virtuális gépként, sajátos környezetben működik) mintha elveszne.

Novell and Intel develop software that speeds Xen’s ability to run Windows as a virtual machine.

Source: Novell offers faster virtualized Windows

IBM announces sHype

Vesd össze:
Robert McMillan, IDG News Service
Friday, February 09, 2007 12:00 PM PST
http://www.pcworld.com/article/id,128888-c,vistalonghorn/article.html elképzeléseivel az IBM announcement-et. A vágy és a tett esete.

“We’re going to look at a fundamental piece of enabling technology. Maybe its hypervisors, I don’t know what it is,” he said. “Maybe it’s a new user interface paradigm for consumers.”

“It’s too early for me to talk about it,” he added. “But over the next few months I think you’re going to start hearing more and more.”

Quoting from the IBM official announcement:

The IBM secure hypervisor architecture, or “sHype,” is a Research technology designed to run in conjunction with commercial and open source hypervisors that control servers and data in a shared environment. sHype aims to provide a security “wrapper” around distributed workloads in the data center, extending mainframe-like security to pooled data and resources across multiple IBM and non-IBM systems.

sHype is designed to bring stronger security guarantees to popular x86 and blade servers. As is increasingly common, IBM Research developed the sHype technology not just in its own labs, but implementing early versions of sHype with customers to test and evaluate the code. Additionally, portions of sHype have been contributed to the Open Source community and are being used, for example, as part of the open source Xen hypervisor kernel.

sHype works in conjunction with hypervisors by establishing a virtual machine to act as a data center “security foreman.” The foreman uses preset configurations, business policies and exceptions set by the customer to lock down all content of the data center. It then automatically sets policies that evaluate, rank and code workloads as well as the physical and virtual resources needed to run each workload. Once workloads and resources are locked together, the integrity of the data and resources is assured and can be better managed by hypervisors accordingly…

Source: IBM announces sHype

Mennyibe kerül?

Derekas méretű hosts file-ok (pl.: a  hpHOSTS 59,279 host nevet tartalmaz). w2k és xp esetében, ha nem tesszük disable állapotba a DNS client service-t, akkor jelentős lassulást okozhat a nagyméretű host file. w9x és home esetében nem. Vista esetében csak administrator-i joggal lehet a hosts file-t módosítani.
Ezeket az host neveket számos szűrőprogram is vizsgálja, szűri (AD Muncher, SpywareBlaster, stb.).
Külön mise, hogy a hazai gané oldalak nem szerepelnek a listában.
Lassacskán felmerülhet a kérdés, mennyiért védekezünk és mi ellen?

Source: Calendar Of Updates Calendar