Linux Journal January 2013

Linux Journal January 2013

by Jill Franklin, Garrick Antikajian
     
 

A quick overview of what's in this special Security issue:

* Configure One-Time Password Authentication with OTPW
* Provide Stronger Security with Elliptic Curve Cryptography
* Project: Build a Wi-Fi Honeypot
* Phonegap for Easy Smartphone Application Development
* How-To: Add Graphical PXE Menus to Your PXE Server

Detailed… See more details below

Overview

A quick overview of what's in this special Security issue:

* Configure One-Time Password Authentication with OTPW
* Provide Stronger Security with Elliptic Curve Cryptography
* Project: Build a Wi-Fi Honeypot
* Phonegap for Easy Smartphone Application Development
* How-To: Add Graphical PXE Menus to Your PXE Server

Detailed overview: Sticky Note of Doom

Years ago, I had the brilliant idea that all my users in the finance department
should have complex passwords. This made perfect sense to everyone, since dealing
with millions of dollars of revenue is something that should be secured. So, the
passwords were changed with complexity requirements enforced. I slept better that
night knowing our paychecks were no longer secured by passwords like
"mustang" or "mrwhiskers".

I came in the next day only to find very complex passwords written on sticky notes
and affixed to everyone's monitors. Security software is no match for a Sharpie
marker and a Post-It. It was a lesson well learned. This month is our Security
issue, and although we don't have an answer to the Sticky Notes of Doom, we do have
some great articles on Linux-related security.

Reuven M. Lerner starts off the issue with an interesting column on real-time
messaging over the Web. Back in the days when every user was in a terminal window,
a quick wall command would send everyone a message. Reuven
describes a similar
concept, but with Web users. Dave Taylor follows up not with Web programming, but
with game programming. Using his talent for making learning fun, Dave shows
how to write a script to play Cribbage.

Kyle Rankin returns to his PXE magic from a couple years back and explains how to
leverage the network bootloader not only to install operating systems, but also to boot
them directly. If you've ever been intimidated by PXE menus, or if you thought PXE was
too limited, you'll want to read Kyle's column. It's a great followup to his last
piece on the topic, and it showcases just how flexible PXE can be.

I joined the security bandwagon this issue and decided to talk about passwords. If
you (or a "friend") use the same password for every Web site, or if you use your
pet's name to secure your credit-card statements, you really need to read my column
this month. Whether it's to pick up some hints on password creation or just get
some pointers for convincing others to use good passwords, I hope you'll find
my tips helpful.

If you're fascinated by data encryption, Joe Hendrix's article on Elliptic Curve
Cryptography is more than just an interesting read. Joe not only shows how to
implement this method, but also how to use it in real life with OpenSSH. With most
encryption methods, people just keep making a bigger and bigger encryption key to
improve security. Elliptic Curve Cryptography offers more security and smaller key
sizes. When it comes to passwords, encryption is great, but even better is to
destroy the password completely after using it. Todd A. Jacobs teaches how to
configure one-time passwords on your servers. If you're working from an open Wi-Fi
hotspot, a one-time password is a way to make sure you're safe even if your
password is hijacked.

Speaking of Wi-Fi, Marcin Teodorczyk has a fun article on setting up a Wi-Fi
honeypot. If you want to have fun with your neighbors, or if you're just curious about
what people do to an open access point, Marcin shows you what to do. If you
live near a place people tend to gather, your results should astound!

We've also got lots of other goodies for you this month. Mike Diehl discusses how to
create smartphone apps with Phonegap. Joey Bernard takes a great look at Gnuplot.
Our New Products section features a mention of Kyle Rankin's new book, and our
Upfront section has useful tips to inform and entertain.
So, in honor of the Security issue, maybe take this opportunity to remove sticky notes
from monitors and challenge people to change their passwords to something other
than their dogs' names. This was a fun issue for us, and we hope the same will be true
for you!

--Shawn Powers

Read More

Product Details

ISBN-13:
2940016154459
Publisher:
Linux Journal
Publication date:
01/01/2013
Series:
Linux Journal , #2013
Sold by:
Barnes & Noble
Format:
NOOK Book
File size:
10 MB

Related Subjects

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >