Word of the Day - GURU advisor

YUM


YUM, 
the acronym for Yellowdog Updater Modified, is the software used to install, update and remove installation packages on systems that use the Red Hat Package Manager (RPM). YUM is the successor of YUP (Yellowdog Updater) and it's natively implemented as a command line tools, but some tools are available for the use with a graphical interface. YUM is distributed under GNU GPL license and it can be used on distros like Red Hat Enterprise Linux, Fedora and CentOS.

SI


SI stands for System Integrator. A System Integrator is a professional, or a company, that is specialized in integrating systems by creating a complete, functioning and efficient infrastructure starting from the available hardware and software elements (for instance, hardware from different manufacturers that must run software of different kinds), by matching the objectives the customer wants to achieve.

OTP

 

OTP stands for One Time Password and is a type of password that, as the name suggests, can be used only once, or per single sessions. A password of this kind expires as soon as it's used, so a new password must be generated for a later session. This approach can eliminate all the problems related to the usage of static passwords (low complexity, replica attacks, lack of update, etc..). Some fundamental requirements lay at the basis of the OTP technique, like proper synchronization between the password generator and the authentication server, and the algorithm that generates passwords.

A practical example of OTP passwords is offered by some banks for the access of its Web services, which provides a physical token that can generate a new key each time.

Botnet


botnet is a set of infected computers that, without the knowledge and consent of proprietaries, are configured to transmit data, information, spam or virus towards other computers connected to the Internet. The bot prefix indeed comes from the fact that any infected machine becomes a "slave" of the controller, called botmaster, that can run remote commands.

The main use of a botnet is about realizind Denial of Service attacks towards specific objectives and the diffusion of spam and phishing campaigns.

CBC


The acronym CBC refers to a ciphering system called Cipher Block Chaining. This technique improves the overall security level offered by the previous ECB (Electronic CodeBlock) ciphering system by adding an additional step in the elaboration chain of data blocks. With a cryptographic system based on CBC, a non-ciphered block of data is elaborated with the XOR logical operation with the previous block which is already ciphered. Only at this time the result of the operation is "feed" into the ciphering algorithm and the procedure keeps on looping until the complete encryption of data.

0-day


The term 0-day refers to those software vulnerabilities that are discovered the very same day the exploit is released (an exploit is a software designed specifically for a scope), which can exploit -no pun!- them for operations that are usually not allowed, and most times of an illegal nature. This term gets its name by the fact that the developer of the system has zero days to patch the vulnerability.

The good aspect of 0-day vulnerabilites is that once they are identified and fixed, they lose any effectiveness, thus securing the affected system.

SPoF


In the IT world, a Single Point of Failure (SPoF) is a single vulnerability of the infrastructure. A SPoF can be both of a hardware (switches, routers, servers, single server components, etc..) and of a software nature, and its role is so important that it could compromise the whole system in case of failure. To draw an example, a local network that is connected with the outside world with a single, not redundant router has a SPoF in that router, as a failure or the breakage of such router completely stops any LAN-WAN connection.

The best approach in order to eliminate any SPoF is redundancy: by doubling (or even multiplying) any infrastructural element that could be a SPoF you can avoid a bad functioning state of the whole system in case of a failure.

CMS

 

CMS, the acronym for Content Management System, defines all those systems used to produce, manage and publish content on a Web site. A CMS is usually installed on a server and provides a management Web interface, called backend, and an interface, called frontend or CMApplication, for the use of content itself.

CMS was born in the US in the second half of the ‘90s with the main goal, albeit specifically dependant on the type of CMS, is to avoid an ad-hoc server-side development (with subsequent coding and need of specialized personnel) and allow Webmasters to manage content and the site’s structure in a more intuitive way without having Web development skills.

 

KVM Switch

 

A KVM Switch is an hardware device that allows users to use several computer with a single set of monitor, keyboard and mouse, thus allowing to access different physical machines (even geographically distant) without having to move around or change peripherals. Some versions also support USB ports sharing for storage drives or additional devices.

A KVM Switch is usually composed by a main body which hosts the switch command, and two or more cable sets (video, PS2, USB, etc..), one for each machine to control. On the other end of the connection group it’s possible to connect keyboard, monitor and mouse.

Elastic Compute Cloud

 

Amazon EC2 (Elastic Compute Cloud) is a Web service of Amazon’s AWS platform which provides computational resources in the Cloud, with a scalable amount of resources according the the user’s needs. It’s, by all means, a declination of the more generic concept of “Cloud Computing”.

Cloud Service

 

The term Cloud Service indicates whichever resource (computational, storage, etc..) that is provided via Internet. Cloud Services are grouped into three main families: SaaS, PaaS and IaaS, which are the acronym for Software, Platform and Infrastructure as a Service.

FCoE

 

FCoE, Fibre Channel over Ethernet, is a standard protocol approved on the 4th of Juve, 2009, that allows to transmit data coming from Fibre Channel networks onto Ethernet infrastructures. This passage happens by mapping FC frame to Ethernet frames (specifically 802.3 frames) so that 10GBps Ethernet connections can be used without losing the features of the original protocol.
This standard is used to connect storage FC connections with SCSI traffic data, which requires a loseless Ethernet infrastructure.

The use of FCoE requires a dedicated hardware (switch and network cards) capable of receiving optical signals and converting in electrical signals.

IPv6

 

IPv6 is the version of the IP protocol designed to substitute the precedent IPv4 standard. IPv6 mainly differentiates by the number of bits assigned, which changes from 32 to 128.
In the last years the problem of the exhaustion of available IPv4 addresses has got more and more important: the choice of 128 bits allows to manage a total of 4,3 x 10^38 addresses. If they were spread on the ground, there would be hundreds of thousands IP addresses per square metre.

The release of the first addresses with the new format by ICANN was on the 4th February, 2008, when they first got recorded into DNS systems. On the 3rd February, 2011, the last IPv4 block was assigned, but it’s estimated that until 2025 IPv4 will be used allowing users and providers to adapt to the new paradigm.

Core Dump


Core Dump, and also Memory Dump and System Dump, is the saving of the state of RAM memory of a computer in a precise instant or point in time a persistent storage device.
It can be interpreted as system memory Snapshot and the main use it’s software and programs debugging or, more in general, diagnosing crashes and unexpected failures.

The name derives from the metallic and magnetic core of the first storage devices.

Conficker

 

Conficker (AKA Downup, Downaup and Kido) is an infamous viral worm the exploited MS08-67 vulnerability of Microsoft Operating Systems. Discovered in November 2008, this work took advantage of a hole in the network service of the operating system. Diffusion could also happen through storage devices (disks, USB drives, etc..) and the higher the administrative privileges of the infected user, the more dangerous the infection is.


Some of the main consequences of an attack are the loss of scheduled backups, deletion of restore points and the violation of network connections. The work also uses the infected machine to take control of the other devices on the network.

The estimation of the New York Times, consistent with F-Secure’s, is about 9 million PCs infected in January 2009, used to create a huge botnet exploiting Windows PCs without security patches (which were released in 2008).

BSD

BSD stands for Berkley Software Distribution and it’s a particular version of the UNIX Operating System which was developed by the University of California in Berkley. This distribution is at the basis of several free versions of the OS: FreeBSD, OpenBSD, NetBSD, FreeNAS and many more.
The first version was published in 1977 as a slightly modified version (by means of specific patches) of the UNIX release by AT&T. The system underwent several releases during the ‘80s until the 1995 definitive 4.4-lite Release2 release, from which descendant projects have spurt.

Master Boot Record


Master Boot Record
- MBR- is a specific sector of disks where operating systems are installed that contains information needed to boot. MBR also contains the precise location of the disk’s boot loader, which is used to load the OS onto RAM memory drawing it from disk. Usually MBR includes Partition Table.

Boot Loader

 

Boot Loader, also called Boot Manager, is a software program that loads the operating system from storage memory to system memory - RAM: this procedure happens every time a computer is started or rebooted. In the booting sequence, BIOS after a number of initial tests (POST phase) passes control to the Master Boot Record (MBR), where the Boot Loader resides.

AS400

AS/400, a name commonly associated with IBM iSeries, is a mid-tier server designed and developed for small-business environments or single sectors of big companies. Modified and updated at a later time in order to work on distributed networks with Web applications, the AS/400 uses PowerPC processors with a limited set of instructions and the OS/400 operating system.

AS/400 has been a milestone in the IBM history and its success has been determined by the high levels of reliability and stability both from an hardware and from a software basis, coupled with a relatively low price (almost 20.000€) and with the ability of managing hundreds of terminals at the same time.

DevOps

 

DevOps is a term that comes from Deveopers and Operations and defines a software development methodology where the development area and the sysadmin sphere come together and form a profound integration between developers and techs. The ever-stronger interdependence between applications and systems, coupled with the need of frequent software releases (developed more efficiently and with standardization) is at the basis of this tendence.

LLDP

LLDP is the acronym for Link Layer Discovery Protocol, an open and vendor-neutral protocol that is part of the Internet Protocol Suite used in IEEE 802 (specifically, it's defined by standard IEEE 802.1AB). This protocol allows devices on a local network, mainly wired Ethernet, to communicate their identities and characteristics.

LLDP has the same features of othery proprietary protocols like CDP by Cisco or LLTD by Microsoft.

Cold Storage

Cold Storage is about storing inactive data that a company, or society, barely consults or doesn't even consult in years. This kind of storage has low cost coupled with an high capacity and duration in time as fundamental requirements: Amazon Glacier and Google Cloud Storage Nearline are two examples of cloud services for Cold Storage.

IEEE

IEEE stands for Institute of Electrical and Elecronics Engineers (often called I triple E). IEEE is an international association of professional scientists that have the promotion of IT sciences as objective.

The main goal of IEE is to search for new applications and theories in sciences related to IT and electronics, but it's recognized -in particular- for its role in the definition and publication of the standards that regulate such technology fields. These standards are worldwide accepted and recognized.

Open-Source

The term Open Source designates a software category whose source code is freely distribuited by authors. 

The main goal is to favour usage and allows other developers to bring their contributes by means of integrations and changes. Changes are usually controlled by specific use licences.

banner eng

fb icon evo twitter icon evo

Word of the Day

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>

The acronym GDPR indicates the new General Data Protection Regulation, which will come into force on 25 May 2018. This...

>

The acronym DPO (Data Protection Officer) indicates the person or persons who, within the company context, are responsible for the...

>

InfiniBand is an input / output architecture for the transmission of data between high performance systems composed of CPUs, processors...

>

A Zero Day Exploit describes a situation in which specific and unknown vulnerabilities are disclosed to the public simultaneously with...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • GURU advisor: issue 13 - March 2017

    GURU advisor: issue 13 - March 2017

  • GURU advisor: issue 12 -  January 2017

    GURU advisor: issue 12 - January 2017

  • GURU advisor: issue 11 -  October 2016

    GURU advisor: issue 11 - October 2016

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1