S3E1: "Strike(r) In the New Season"
|Previous Episode||Next Episode|
|Recorded (UTC)||Aired (UTC)||Editor|
|2018-03-01 03:46:45||2018-03-12 09:41:51||"Edita"|
Sorry for the delay in release!
- In S3E0, we reported that Intel had 3 class-action lawsuits for Spectre/Meltdown-related claims. That has now jumped to 32.
- Memcrashed, as it’s being called, is capable of some pretty potent DDoS reflection/amplification attacks.
- You can mitigate by having memcached use a system socket instead of a network socket, only have it listen on localhost, or firewall off memcached to specific IPs. Anything that prevents a random client on the Internet from reaching it.
Starts at 6m39s. Sort of.
I was drinking Jefferson’s Reserve bourbon. Paden was drinking vodka and cranberry juice (he didn’t specify which vodka). Jthan was drinking Bud Light. Striker was drinking a Butter Pecan moonshine (he didn’t specify but at a guess, either Ole Smoky’s or Sugarlands’).
- We interview Striker, from the FreeIPA project.
- You may recall us talking about it in S2E10
- We mention the following a lot throughout the episode:
- Centralized authentication (such as LDAP/Kerberos) that FreeIPA (and other projects) provide are SUPER useful. They can be used for:
- I express worry about how most turnkey “solutions” end up creating more problems than they solve because of how inflexible they are and how their components are intertwined. Striker gives us the good news that it’s piecemeal; they try to strongly support migration, integration into existing services, etc.
- He mentions that FreeIPA is spending a LOT of focus on integrating into Samba 4.
- The end-goal here is a complete Windows Active Directory Server/Domain Controller replacement. Which is amazing.
- You can find Striker (and probably us) at SELF 2018.
In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (50m0s)
Thanks to amayer in our IRC channel for tipping us off to this Baddie!
- We’re still re-balancing our audio for season 3 (and Jthan’s audio is, again, off because while he was back on his proper mic this time (unlike S3E0), he was recording in a different physical location. Fingers crossed S3E2 is better.
- I almost titled this episode “Striker? I Hardly Know ‘Er!” You’re welcome.
- I make a shoutout to Radio Statler.
- There’s no such thing as “ethereal” ports. There are ephemeral ports, which are what (typically the initiating end) uses to bind to, a random port number (hence the name “ephemeral”). There are also “well-known” or “system” ports, which are 0-1024 (and typically require administrator/superuser/root privileges, so they’re also sometimes called “privileged ports”), and registered ports which are 1024-49151 (port numbers 49152–65535 are usually reserved for ephemeral ports, though you can configure your system to use a wider/different range).
- Striker’s talk he mentions at SELF 2017 is here.
- Cat’s Cradle is a great book. But the word I was looking for is indeed karass. The podcast would be our “wampeter” and authentication services in Linux would be our “sinooka”. I think. Anyways, you should read the book, it’s a good read.
- I ragged on Zoho …I meant Zimbra. Oops.
- It’s true, microwaves really do affect wi-fi.
- SERIOUSLY you need to check out mtree!
- I have it packaged in Arch’s AUR as nmtree.
|Intro||kick, push.||Ryan Little||click||CC-BY-SA 4.0||Outro||Blacklight||Krestovsky||click||CC-BY-NC-SA 3.0|