Fedora 13 Spotlight Feature: NetworkManager Gets Even More Connected

April 20th, 2010

by Fedora Team

As with previous Fedora releases, we’ll once again be highlighting some of the new and improved features in a series of blogs leading up to our latest release, Fedora 13, anticipated in mid-May. First up on our list is NetworkManager.

NetworkManager is used by most modern Linux distributions – not just Fedora – to help users get online quickly and easily. But did you know that NetworkManager was created by a Red Hat engineer? And that it got its start in Fedora?

NetworkManager started in 2005 as the brainchild of Red Hat developer Dan Williams, as his answer to the challenge of making networking in Linux simple and painless for users. NetworkManager rapidly grew from primarily being a wireless helper into a full-featured solution that was still simple and elegant enough to meet the needs of desktop users. This evolution happened as a result of the Fedora community embracing this new idea and helping to nurture it through a process of testing and refinement. Fedora’s success as a community-powered R&D lab for new ideas has resulted in many technologies that are essential parts of the modern Linux desktop, NetworkManager being just one example.

As a result of these rapid iterations and resulting momentum, NetworkManager is used in most major distributions today, including Fedora. Users of Fedora 13 will be able to experience some of the newest features in NetworkManager 0.8.1, including:

• Bluetooth dial-up networking (DUN), which allows connections through older style Bluetooth phones that don’t support newer personal area networking (PAN)
• Mobile broadband status, which gives users a readout of signal strength and roaming before they connect

You can read much more about NetworkManager and its creator here on the Fedora wiki. And to see these features in action, you can try out the Fedora 13 Beta pre-release, which is available here. The final release of Fedora 13 is scheduled for mid-May. Keep your eyes peeled for additional blogs highlighting other cool features slated for Fedora 13.

Red Hat Enterprise Linux 6 Beta Available Today for Public Download

April 21st, 2010

by Red Hat Enterprise Linux Team

We are excited to share with you news of our first public step toward our next major Red Hat Enterprise Linux platform release with today’s Beta availability of Red Hat Enterprise Linux 6. Beginning today, we are inviting our customers, partners and members of the public to install, test and provide feedback for what we expect will be one of our most ambitious and important operating platform releases to date. This blog is the first in a series of upcoming posts that will cover different aspects of the new platform.

It has been almost eight years since the first release of Red Hat Enterprise Linux. Since then, the product has established itself as one of the leading enterprise-caliber, open source operating systems. With installed systems in use from laptops to mainframes, it has helped set standards for quality, certified infrastructure, long-haul stability, performance and security. From Main Street to Wall Street, Red Hat Enterprise Linux touches almost every industry.

As Red Hat Enterprise Linux 6 enters Beta today, the currently supported release, Red Hat Enterprise Linux 5, continues to be the cornerstone of Red Hat’s software product portfolio. Red Hat Enterprise Linux 5 was first released in March 2007, and has received regular updates since that time. Just last month, we delivered the fifth update to the Red Hat Enterprise Linux 5 platform with new features and hardware support. The Red Hat Enterprise Linux 5 platform will continue to be supported by Red Hat and its ISV and OEM partners until 2014.

Looking to the future, Red Hat Enterprise Linux 6 blurs the lines between virtual, physical and cloud computing to address shifts taking place in the modern IT environment. Featuring updated core technology, from the kernel to the application infrastructure to the development toolchain, Red Hat Enterprise Linux 6 is designed to meet the needs of the coming generations of hardware and software technologies.

The major themes of the release include pervasive virtualization, improved scalability and availability, increased power efficiency, and delivery of some of the latest software technologies. In line with today’s Beta availability, we’ll briefly highlight a few of the new and noteworthy improvements:

• Comprehensive power management capabilities
  Time-keeping improvements within the kernel allow the system to transition processors that do not have active tasks into the idle state more frequently. This leads to cooler CPUs and greater power savings compared to previous releases. New monitoring tools like powertop are designed to help pin-point power consumption issues that can be resolved in order to further reduce power consumption. New tuning tools like “tuned,” which is an adaptive system tuning daemon, allow the system to adjust power consumption based on analysis of service usage patterns.
• Performance enhancements
  Red Hat engineers have played key roles in the upstream development of a wide range of kernel performance enhancements that we plan to feature in Red Hat Enterprise Linux 6. This includes a complete rewrite of the process scheduler so that it more fairly shares compute cycles among processes and provides more determinism by enabling higher-priority processes to run with minimal interference from lower-priority processes. Additionally, there are a substantial range of multi-processor lock synchronization enhancements. For example, elimination of unnecessary locking occurrences, replacement of many spin locks with sleep locks and implementation of more efficient locking primitives. These foundational changes impact a number of kernel subsystems.
• Scalability enhancements
  Recent hardware launches have resulted in significant growth in commodity computing platforms. For example it is now possible to have 64 CPUs and 2TB of memory in a 5U rackmount form factor. These systems and their successors are approaching the scalability limits of Red Hat Enterprise Linux 5. A primary feature of Red Hat Enterprise Linux 6 is that it is designed to provide the scalability to handle systems well into the future. Capabilities range from optimized support for large CPU counts and memory configurations to the ability to handle an increased number of system-interconnect buses and peripherals. These capabilities are appropriate for both bare metal and virtualized environments as virtualization becomes as pervasive as bare metal deployments.
• New security features
  A new service called the System Security Services Daemon (SSSD) provides central management of identities. It also has the ability to cache credentials for offline use. The new SELinux sandbox feature allows execution of untrusted content in an isolated environment designed not to impact the rest of the system. This includes the ability to isolate any virtualized guest running on Red Hat Enterprise Linux 6.
• Resource management
  Fine-grained control, allocation and management of hardware resources is available with the help of a new framework called Control Groups or cgroups. cgroups work at the process group level and can be used to manage resources ranging from CPU, memory, network and disk I/O for applications. This framework is also used to manage virtual guests.
• Virtualization
  Red Hat Enterprise Linux 6 builds on the integrated KVM-based virtualization provided by earlier Red Hat Enterprise Linux releases. Incorporating numerous performance, scheduler and hardware support enhancements, it offers improved flexibility and control regardless of the deployment model.
• Storage
  Support for network block storage via FCoE and iSCSI protocols make it possible to perform online re-size of mirrored and multipath volumes using LVM/DM.
• File system
  This release includes the ext4 file system. As the next generation of the extended filesystem family, it includes support for larger file sizes, more efficient allocation of disk space, better file system checking and more robust journaling. In addition to ext4, the XFS® filesystem is also expected to be available. XFS® is well suited for extremely large file and directory sizes and includes features such as the ability to defragment and re-size the filesystem while active. NFS has been updated to version 4, which includes support for IPv6.
• Reliability, availability and serviceability (RAS)
  This release leverages new hardware capabilities to offer features such as hot-add of devices and memory, and enhanced error checking for PCIe devices via AER. It also is expected to include advanced data integrity features (DIF/DIX) that validate data from application to platter via hardware checksums. The introduction of ABRT (Automated Bug Reporting Tool) provides a more consistent way to identify and report system exception conditions like kernel failures (kernel oops) and userspace application crashes.
• Compiler and tools
  The GCC compiler has been updated to version 4.4. This version complies with the C++ 0x standard draft. It also conforms to OpenMP 3.0 and includes many debugging capabilities. SystemTap improvements include better support for user-space probing, a more secure script-compile server and a new unprivileged mode that allows non-root users to access SystemTap. Additionally, there are many other libraries that have been updated to the latest versions, as well as additional languages and runtime environments, including the complete LAMP stack and OpenJDK.
• Desktop
  This release introduces automatic detection of display types and support for multiple displays. We have also included updated nouveau drivers to support NVIDIA graphics devices. Of course, no release would be complete without significant updates to the GNOME and KDE desktops.

The portfolio of technologies in Red Hat Enterprise Linux 6 will be offered along with expanded support for key hardware platforms, which we believe makes the release a compelling choice for new and existing customers alike. As always, part of the value of the subscription lies within our enterprise certifications. Currently, thousands applications are certified to run on Red Hat Enterprise Linux, whether it’s on “bare metal,” virtualized or within cloud deployments. This makes Red Hat Enterprise Linux an operating system of choice for customers and partners.

If you are interested in trying the Beta, we encourage you to download and install it and share your feedback with us. Please visit here to access the Beta.

In keeping with Red Hat’s open source roots, we would like to recognize and thank our many partners and upstream community members who have been working closely with us for many months to make this release truly ground-breaking.

Top 10 Benefits of
Office 2010 Beta

Microsoft Office 2010 Beta

Get It Now

For home, small business, and school Download the Office 2010 beta if you're a student, running a small business, or using Office at home. Download Now

For enterprise and mid-sized business Download if you're an IT professional or a developer or want to use Office at work. Download Now

Microsoft® Office 2010 offers rich and powerful new ways to deliver your best work at the office, home, or school. Grab your audience’s attention and inspire them with your ideas visually. Create results with people at the same time and stay connected to your files across the town or around the world.¹ With Office 2010, you’re in control of getting things done and delivering amazing results according to your schedule. See it in action and read what others are saying.

1 Express your ideas more visually Office 2010 opens up a world of design options to help you give life to your ideas. The new and improved picture formatting tools such as color saturation and artistic effects let you transform your document visuals into a work of art. Combined with a wide range of new prebuilt Office themes and SmartArt® graphic layouts, Office 2010 gives you more ways to make your ideas stick. Check out PowerPoint 2010 and Word 2010.

2 Accomplish more when working together Brainstorm ideas, provide better version control, and meet deadlines faster when you work in groups. The co-authoring experience for Word 2010, PowerPoint 2010, Excel Web App and OneNote shared notebooks let you work on a file with several people at once — even from different locations.2

3 Enjoy the familiar Office experience from more locations and more devices With Office 2010, you can get things done more easily, from more locations and more devices. Using a smartphone or virtually any computer with an Internet connection, you can work when and where you want to work.3 Microsoft Office Web Apps Extend your Office 2010 experience to the web. Store your Word, Excel, PowerPoint, and OneNote files online and then access, view, edit, and share content through the Web. Microsoft Office Mobile 2010 Stay current and respond quickly using enhanced mobile versions of Office 2010 applications, specifically suited to your Windows Mobile-based smartphone.

4 Create powerful data insights and visuals Track and highlight important trends with new data analysis and visualization features in Excel 2010. The new Sparklines feature delivers a clear and compact visual representation of your data with small charts within worksheet cells. Filter and segment your PivotTable data in multiple layers using Slicers to spend more time analyzing and less time formatting. See Excel 2010 in action.

5 Deliver compelling presentations Captivate your audience with personalized videos in your presentation. Insert and customize videos directly in PowerPoint 2010—trim, add fades and effects, or bookmark key points in the video to call attention to selected scenes. Videos you insert are now embedded by default, relieving you from managing and sending additional video files. See PowerPoint 2010 in action.

6 Manage large volumes of e-mail with ease With Outlook 2010 you can compress your long e-mail threads into a few conversations that can be categorized, filed, ignored, or cleaned up. The new Quick Steps feature let you perform multi-command tasks, such as reply and delete an e-mail in a single click, saving you time and inbox space. See Outlook 2010 in action.

7 Store and track all your ideas and notes in one place Get the ultimate digital notebook for tracking, organizing, and sharing your text, picture, video and audio notes with OneNote 2010. New features such as version tracking, automatic highlighting, and Linked Notes give you more control over your notes so you’re always on top of where your ideas came from and the latest changes when working in teams4. See OneNote 2010 in action.

8 Get your message out instantly Broadcast your PowerPoint presentation to a remote audience, whether or not they have PowerPoint installed.5 The new Broadcast Slide Show feature allows you to share your presentation through a Web browser quickly without additional set up. See the PowerPoint Broadcast Slide Show in action.

9 Get things done faster and easier Microsoft Office Backstage™ view replaces the traditional File menu to give you a centralized space for all of your file management tasks, such as the ability to save, share, print, and publish. The enhanced Ribbon across Office 2010 applications lets you access commands quickly and customize tabs to personalize the experience to your work style.

10 Access work across devices and platforms Enjoy the freedom of using Office 2010 from more locations on more devices. When you use Office 2010, you’re getting the familiar and intuitive Office experience across PCs, Smartphones, and Web browsers on the go. Frequently asked questions about Office 2010

Register now for your Student Second Shot!

Register now for your Student Second Shot!

If at first you don’t succeed, try again at no charge

Achieving a Microsoft Certification is one of the most effective ways to improve your resume and differentiate yourself from other students vying for the most popular IT jobs. We just made it easier for you—with the Student Second Shot, you get two shots at passing a Microsoft Certification exam in the student series (exams that have a 072 prefix), and your first exam is offered at a student discount of up to 55 percent off the standard price! To take advantage of this offer, you must take your first certification exam and free retake exam between January 13, 2010, and June 30, 2010.

With Student Second Shot, if you do not pass your Microsoft Certification exam on your first try, don't worry. You can retake the exam without any additional cost!

• Find answers to frequently asked questions about the Student Second Shot offer (XPS file, 232KB)
  Find answers to frequently asked questions about the Student Second Shot offer (PDF file, 150KB)

• Register now and we will send you a voucher for your exam

Offer details

• Offer dates: January 13, 2010 – June 30, 2010.

• Details: You must register, obtain a voucher code, schedule, pay, and sit for both the first and (if necessary) the retake exam before June 30, 2010.

• Applicable exams: This offer applies to any Microsoft Certification exam that has a 072 prefix (student series).

• Eligible regions: This offer is available globally except in India and China.

• Only one Second Shot voucher is issued per purchased exam.

To use your Second Shot voucher

• Go to your closest Prometric test center or call Prometric to make an appointment for your exam. Use your Second Shot voucher number and schedule and pay for your exam. The Prometric Web site lists locations and phone numbers for Prometric test centers globally.

  • Visit the Prometric site (Prometric.com)

• Take your exam

  Do not forget your student ID. You will not be eligible unless you have valid verification of your student status.

• If you do not pass your exam, use the same voucher number to schedule your free retake exam.

Note You must wait one day after taking your initial exam before you can register for your retake exam.

Top 10 Password Crackers

The April 2010 Nmap/SecTools User Survey is open! It will guide Nmap development and also create a new edition of this site! Please take this quick survey, and in return we'll build you a better Nmap Security Scanner and a new SecTools.Org. If (God forbid!) you're not an Nmap user, you can leave those questions blank and still vote for your favorite security tools.

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. This is the category page for password crackers -- the full network security list is available here. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don't know where to start”.

Respondents were allowed to list open source or commercial tools on any platform. Commercial tools are noted as such in the list below. No votes for the Nmap Security Scanner were counted because the survey was taken on a Nmap mailing list. This audience also biases the list slightly toward “attack” hacking tools rather than defensive ones.

Each tool is described by one ore more attributes:

	Did not appear on the 2003 list
	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners. Here is the list, starting with the most popular:

#1

Cain and Abel : The top password recovery tool for Windows UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented. Also categorized as: packet sniffers

---

#2

John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here.

---

#3

THC Hydra : A Fast network authentication cracker which supports many different services When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.

---

#4

Aircrack : The fastest available WEP/WPA cracking tool Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files). Also categorized as: wireless tools

---

#5

L0phtcrack : Windows password auditing and recovery application L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider Ophcrack, Cain and Abel, or John the Ripper.

---

#6

Airsnort : 802.11 WEP Encryption Cracking Tool AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack. Also categorized as: wireless tools

---

#7

SolarWinds : A plethora of network discovery/monitoring/attack tools SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. Also categorized as: traffic monitoring tools

---

#8

Pwdump : A window password recovery tool Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.

---

#9

RainbowCrack : An Innovative Password Hash Cracker The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.

---

#10

Brutus : A network brute-force authentication cracker This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra.