Admin Network & Security I62 03.04 2021.pdf

ADMIN Network & Security
ISSUE 62
FREE DVD

LEAN WEB Servers
Go lighter and get faster
Hiawatha – A light-footed web server
Lighttpd – Lean, fast, and simple to configure
Kea – A modern DHCP server
4 Software-based load balancers
And more!
Apache security, HTTP/2 and Nginx, Apache and Nginx subdomains, Apache Kafka

AD Protected Users: Granular protection for highly privileged accounts
Microsoft 365 and Teams: Communication settings and security
OpenEBS: Cloud-native storage
Podman and systemd: Containers under systemd control
Grafana Dashboards: Grafana + Prometheus = custom visualization toolset

WWW.ADMIN-MAGAZINE.COM
Welcome to ADMIN
Keep Positive
The road to success is paved with negative commentary.
I still remember telling one of my computer consulting clients that I was quitting my business and going back to
a regular job, while also pursuing my dream of being a technology writer. He responded, “Oh, that’s very
competitive, are you sure you’re doing the right thing?” Fast forward to now, almost 20 years later, and my answer
is still, “Yes. Yes, I am.” I heard pretty much the same thing from everyone I told. Everyone told me that writing,
especially writing for a living, was too competitive and unrealistic. I’m glad I didn’t listen to the naysayers.
You see, people will take every opportunity to discourage you from exploring your dreams. Sure, there’s some
rejection associated with writing, acting, filmmaking, or really doing anything you want to do, but it doesn’t stop
there. If you proclaim your innermost desires to do anything that’s difficult, risky, or time-consuming, you don’t have
to look far to find someone who’ll attempt to dissuade you from going further. My best advice is – spoiler alert –
don’t listen to them.
My son is a good example of someone who listened to the naysayers. He worked in a retail environment and
wanted to become an Emergency Medical Technician (EMT), and he told a few people that he had enrolled in
the EMT class. His manager discouraged him and disparaged the field as competitive, low paid, and not worth his
time. His manager had attempted the class and exam a few years earlier himself and failed. My son quit the class
a few days later. My response to him was, “Don’t listen to someone who’s unsuccessful at something. Of course,
they’re going to discourage you. They don’t want you to be successful at something that they failed at.” By then,
of course, it was too late.
If you want to know something about a job or creative pursuit, don’t listen to naysayers. Chances are very good
that they aren’t successful at anything, much less whatever it is that you want to do. The correct thing to do is
ask someone who is successful in that role. If you want to be a system administrator, ask an experienced system
administrator about the job and what it takes to get there. If you want to be a screenwriter, ask a successful
screenwriter how you should proceed. Asking people who have failed at something will usually net you a
disappointing response, whereas asking those who are successful will encourage you to go further.
Lead Image © vm19ko93, 123RF.com
Negative commentary is all too common, and it’s very powerful. Regardless of how many times I told my son the
opposite of what his former manager told him, it didn’t help. We even had him talk to a local EMT, who gave
him all kinds of encouragement, and that didn’t help either. It’s a psychological fact that it takes something on
the order of 17 positives to offset one negative. So, in the minutes it took to destroy my son’s aspirations of
becoming an EMT, it would take hours of positive discussions to get him back to a psychological break-even point.
He has since changed his goal to becoming a cybersecurity professional. I’ve preloaded his positive psychological
scoreboard for that one. So far, there have been no failed security experts to kill his buzz.
All this boils down to some advice for you, regardless of your aspirations. First, listen only to those who
are successful, as they will encourage you to stay the course. Second, keep your eye on the goal and don’t stray
from it. Rejection and disappointment are often indicators that you’re doing something right. I know that
sounds crazy, but people who do nothing never experience rejection. Those who do nothing never experience
failure. Third, learn from your rejections and failures. Turn them into successes by asking for feedback and
looking at the work of those who are successful. Finally, anything worth doing or having is worth a little time
and a little pain to achieve it. Remember that, if it were easy, there would be no naysayers ready to discourage
you. Success is often measured in aspiration, inspiration, and perspiration.
Ken Hess • ADMIN Senior Editor
Table of Contents

Features
In this issue, we present a variety of solutions that resolve common web server needs.

Hiawatha Web Server
A lightweight web server with features that distinguish it from heavyweights such as Apache.

HTTP/2 for Nginx
The current representative of the HTTP family offers several advantages for website operators and their users if the protocol is correctly adapted to individual scenarios.

Lighttpd Setup
This long-established web server is lean and fast and can be set up quickly thanks to its simple configuration.

Kea DHCP Server
Modern underpinnings for dynamic IP address assignment by DHCP.

Subdomains
Set up virtual hosts on modern web servers for Apache and Nginx.

SD Load Balancing
We introduce the most important software load balancers, look at their strengths and weaknesses, and provide recommendations for use scenarios.

Tools
Save time and simplify your workday with these useful tools for real-world systems administration.

Grafana Dashboards
Analytics and visualization dashboards coupled with Prometheus monitoring and alerting tools deliver custom reporting and alerting systems.

Containers and Virtualization
Virtual environments are becoming faster, more secure, and easier to set up and use. Check out these tools.

OpenEBS for Kubernetes
A cloud-native storage environment that makes block devices available to individual nodes in the Kubernetes cluster.

Podman and systemd
Put any software inside a container under the control of systemd.

Security
Use these powerful security tools to protect your network and keep intruders in the cold.

Hardening Apache
A smart configuration, timely updates, and careful security strategies can protect servers from attacks.

Microsoft 365 and Teams Tips
Office 365 and Microsoft Teams come with useful settings for setting up communication channels and securing environments.

Attack Surface Reduction
Windows attack surface reduction policies help protect your entire IT infrastructure.

News
Find out about the latest ploys and toys in the world of information technology.

News
• Yet another botnet targeting Linux
• Linux kernel 5.11 released
• Ubuntu Core 20 officially released
• CloudLinux offers lifecycle support service for expired Linux distributions

Hiawatha Web Server
A highly interesting project for applications that need a simple, well-functioning web server with basic security features.

Kea DHCP Server
This modular, highly available, and expandable modern DHCP server can connect to your management systems and does not require a service restart with configuration changes.

Management
Use these practical apps to extend, simplify, and automate routine admin tasks.

Store FIDO2 Info in LDAP
Secure passwordless login with LDAP and a schema to establish objects and attributes for FIDO2 authentication.

AD Privileged Accounts
Granular protection granted by the Protected Users group in Active Directory and Kerberos authentication policies.

Remora
Per-node and per-job resource utilization helps you understand how an application performs on the system through profiling and system monitoring.

Nuts and Bolts
Timely tutorials on fundamental techniques for systems administrators.

Apache Kafka Tuning
A guide to 10x scaling in Kafka with real-world metrics for high throughput, low latency, and cross-geographic data movement.

Rethinking RAID (on Linux)
Configure redundant storage arrays to boost overall data access throughput while maintaining fault tolerance.

Service
Welcome
Table of Contents
On the DVD
Back Issues
Call for Papers

Fedora 33 Server 64-bit
• Linux Kernel 5.8
• Btrfs default filesystem
• FreeIPA for advanced identity management
• Cloud versions
See p 6 for details