The author forgets another huge market that Linux is behind. HDTV. I would say well north of 80% of all HDTV come with some form of Linux. The next time you purchase a HDTV check the packet for something about GNU license. If you see that..your tv is running Linux….:)
Category: Linux
I just passed the Astaro Certified Administrator course. The next one is the Astaro Certified Engineer. These will help further my status and abilities as an Astaro partner. These courses I ahve found to be a good use of time and actually add to my knowledge of the Astaro product even though I have been using the Astaro Security Gateway for nearly 10 years…:)
The issue was the licensing server is in Germany and therefore you have to create licenses according to German time..at least that is how it was. They have fixed that issue. The licenses now work as they should..:) There was quite a bit of debate about leaving a local admin account. As usual i’m out on a limb myself…but that’s nothing new..:)
http://www.astaro.org/astaro-gateway-products/hardware-installation-up2date-licensing/37626-my-astaro-horror-story.html
The license itself is borked. I just re-applied my “home” license and it worked fine. I then created an eval license and installed that to “upgrade” the other “home” license…that worked. Installing my new license on top of the eval license borked things..the license is hosed….not looking good for sophos/Astaro..and the anti-sophos folks have more ammo now and depending on what happens tomorrow i may be joining the anti-sophos/Astaro club.
I’ve gone a while before making a first purchase. Right now i’m not sure I’m going to be making another one. I purchased a license for my church recently. At a cost(even with my partner discount) equal to 25% of my entire annual IT budget. The key given to me was not the one i needed to create the license. It took a few days(things being over the memorial day holiday) for the US office to get to me..i don’t fault them on that aspect. I finally get my activation key and my upgrade key. I upgrade the church’s license. I then install the new license to the church’s machine. All hades broke loose then. ALL subscriptions come up as invalid. Also my AD link is severed. I am now at a base license because the Astaro says all of my licenses are invalid or expired. I try a reboot and i am locked out of the webadmin. I NEVER leave the local account active(shouldn’t have to in my book) so i now have a dead astaro. I now have to wait until tomorrow for support to fix this. Meanwhile I get to spend an hour or so tonight rebuilding what was once a perfectly working box. I’m going to loose all of my logs, quarantine and everything else. Luckily i have a backup of my config. This is unacceptable form an “enterprise vendor”. Is this the new norm after the sophos takeover? I hope not. I will post updates as they come in.
Short Answer: No.
Why do I say this? If you are already running SBS2008 there is no compelling reason to upgrade. SBS2011 is based upon Server 2008R2. This version of Windows server goes out of primary support in 2014. This means the newest SBS server software is based upon what is soon to be an outdated server platform. Why do I say this? Server 2008R2 goes out of primary support in June of 2013. I’m not keen on spending large amounts of money on what is soon to be outdated software. Sure it has Exchange 2010 and SharePoint 2010..but that’s really it. All of that doesn’t matter since the base foundation software goes outside of primary support in 2013. Sure there’s “extended support” but that’s security updates only. No bugfixes, no non-security updates..etc etc. I can’t recommend this package in any of it’s flavors right now especially with server 8 on it way for a likely release in 2012.
What does ECC recommend? A server running ESXI with one vm running server 2008(or server 8 when it comes out) and in anther vm Zimbra. Zimbra handles many of the functions of SharePoint/Exchange for an unbeatable price. Zero.
Unix admins have known this for a long time. There is only one way to reliably clean ANY infected machine…wipe and reload.
For a long time, the best-practices approach to malware infections has been to re-format and re-image the infected machine from known clean media. However, there are some corporate security teams that continue to simply run an antivirus product as a way to clean the computer of malware. This is often the case, especially when faced with an infection by “nuisance” malware such as spambots or rogue antivirus programs. The danger in simply running an antivirus product against the machine is that even if the antivirus product cleans the observed infection, how much other malware was installed on the machine that the antivirus engine can’t detect?
There are three major factors at play here, which illustrate why running a “cleaner” tool is often not enough:
Malware has become increasingly more sophisticated and capable of hiding from or disabling anti-malware scanners. These days only a forensic-level investigation can detect certain malware under some conditions.
Malware authors now have easy access to tools that let them run their creations through dozens of antivirus engines at once. Some of these tools do not deliver scanned samples to antivirus companies for analysis, so a malware author can simply keep tweaking his/her creation until it is no longer detected, and then deploy it to your network via existing botnets infections, malvertising, spear-phishing, and other attack vectors.
As evidenced by the botnets detailed above, more malware authors are taking advantage of pay-per-install services. These systems will always try to maximize profit and install multiple unique pieces of malware after they initially infect a PC. To date, antivirus has been shown to generally have a 20% or less effectiveness rate against new threats. So for each pay-per-install infection, if you detect one bot, there might be four more installed alongside that aren’t detected.
The major risk is that while you might have removed the nuisance malware, something more sinister may still be lying in wait to steal or destroy data. Any compromise of a PC should be treated as if it has the potential to do the maximum damage. One could hire a malware expert to do low-level forensic analysis on the infected system, but in some cases, it comes down to the skill of the expert versus the skill of the malware author – both are essentially unknowns. This is why we repeat the mantra of “re-format/re-image” – it’s the only way to effectively mitigate the risk with a high level of assurance.
I tire of the MS lockin. What I’ve done is begun to build another deployment option for my clients( all of which are under 10 users. For now i’ll user server 2008 for authentication and file/print sharing…in a vm. Another vm holds a vmware appliance running zimbra collaboration suite. I get 90% of the SBS functions for nothing. All i have to do is then backup two vmware images which easily compress by a factor of 2-5. Done..and it’s highly portable to new hardware if something bad happens to the host box. Once Samba 4 gets done I won’t need MS for the main server either..then i can run everything under one Linux VM and only have one vm to backup. I’m hoping to procure a fast host server to test this on both on my network and my “guinea pig” network..:) I already have a non-virtual version of this running at my church(one physical box running server 2003..another physical server running centos 5.5 with Zimbra Collaboration Suite). My goal is to get these two virtualized on one box..:) The ultimate goal is for the whole thing to be Linux based.
Zimbra has been a bit hit. I’m currently trying to get the software lifecycles synchronized. Zimbra 7 has just been released.. unfortunately zimbra does not support Debian any longer. Centos 6 is about to be released and I’m not a fan of Ubuntu. Centos 5 expires in 2014 which is about the same time as Zimbra 7. It looks like I’ll stick with Centos 5 until the EOL of Zimbra 7. Then for Zimbra 8 change both the Zimbra version and the host operating system.
Servers: One of the donated rackmounts is now running Astaro again. Untangle let me down when it counted and the conduct of their founder and COO i find distateful. I ahd a bad e-mail get past the Untangle system and infect one of my users computers. I’ve since switched to Astaro and frankly I couldn’t be happier. Not only has the spam detection gone up to near 99% or higher but false positives are nearly zero. So far the Astaro is rejecting 90% of all spam mail before it even gets to the anti-spam and a/v engines. This has led to a marked decrease in resource usage by the Zimbra server. I honestly had no idea how much was getting by the Untangle until i installed Astaro.
I also had all the ups units in the server room fail. Luckily I was able to get a new single, large ups that’s ultimately capable of running everything in the server room for at least 10 minutes. Once i get the control software installed the main server will be able to send graceful shutdown signals to the mail server and firewall server if there is a sustained power disruption. The file server will also shutdown gracefully meaning less chances of file system crashes or corruptions..:)
There’s a couple of large projects coming but i’m not going to talk about them until everything is in place..:)