renemoser.net

The php/Java bridge [1] is a streamed, XML-based network protocol, which can be used to connect a native script engine, PHP, with a Java or ECMA 335 virtual machine. It is more than 50 times faster than local RPC via SOAP, requires less resources on the web-server side, and it is faster and more reliable than direct communication via the Java Native Interface

[1] http://php-java-bridge.sourceforge.net/

Tags: fundgrube, Java, PHP

Tim vom Chaos Computer Club Berlin imformiert ausführlich, qualitativ hochstehend und regelmässig in einem Podcast “Chaosradio Express” (kurz CRE) über Aktuelles rund um Technik und Gesellschaft.

Tim hat sich diesmal in der 99 Folge das DNS vorgenommen. Ich hatte noch nicht die Gelegenheit den Podcast selber zu hören, kann mir aber gut vorstellen, dass das sonst schon hohe Niveau in diesem Podcast nochmals übertroffen wird.

Wie man weiss ist DNS der wichtigste Dienst im Internet, obschon er seit nunmehr 25 Jahren praktisch nicht mehr verändert wurde, läuft er stabil. Die Anforderungen haben sich jedoch in den letzten Jahren exponentiell erweitert. So wird heute DNS für alles mögliche Missbraucht, besonders beliebt ist er auf für die Bekämpfung von SPAM (SPF, Spamblacklists).

Tags: cre, dns

Zivios [1] aims to be a consolidated management portal for providing core infrastructure services using opensource technologies. The long term goals of Zivios are:

• Identity Management
• Single Sign-on and Certificate authority
• Package and Patch Management
• Service Management
• Network Monitoring
• Backup provisioning
• Core Infrastructure Services (NTP,DNS, etc)

Zivios is an n-tiered PHP-5 application. It uses MySQL and OpenLDAP as it’s datastore, with OpenLdap being the primary backend for identity management and application integration and MySQL being used for panel specific data.

Zend Framework is our framework of choice and Zivios implements its MVC design pattern.

[1] http://www.zivios.org/

Tags: ca, dns, fundgrube, kerberos, ldap, monitoring, ntp

Zenoss Core [1] is an award-winning open source IT monitoring product written in Python/Zope that delivers the functionality to effectively manage the configuration, health and performance of networks, servers and applications through a single, integrated software package.

One of the ten most active projects on SourceForge.Net [2], Zenoss software has been downloaded [3] over 600,000 times. Zenoss Core is being used by over 4,000 companies around the world, from small to medium sized enterprises to large global 2,000 corporations.

2008/07/24: We are very pleased to announce that the latest stable release of Zenoss, version 2.2.3 is now available for download. The Zenoss team has been hard at work nailing down defects (80+ closed!) and 2.2.3 should be one of our finest releases yet. While this is primarily a maintenance release, a lot of work has gone into testing and improving upgrades and installations.

[1] http://www.zenoss.com/
[2] http://sourceforge.net/projects/zenoss
[3] http://www.zenoss.com/download/links?nt

Tags: monitoring, nagios, network, python, zope

The SignServer [1] is an application framework performing cryptographic operations for other applications. It’s intended to be used in environments where keys are supposed to be protected in hardware but there isn’t possible to connect such hardware to existing enterprise applications or where the operations are considered extra sensitive so the hardware have to protected more carefully. Another usage is to provide a simplified method to provide signatures in different application managed from one location in the company.

From version 3.0 there also exists a mail signer framework that can be used to perform cryptographic operation on emails.

The SignServer have a ready to use:

* TimeStamp Authority (RFC 3161 complaint)
* PDF Signer
* MRTD Signer
* Validation Service Framework
* Group Key Service Framework
* Simple Mail Signer

The SignServer have been designed for high-availability and can be clustered for maximum reliability.

Different kinds of sign tokens exist:

* Soft token using PKCS12 files.
* PKCS#11 HSM tokens, such as the Utimaco CryptoServer or nCipher nShield.
* PrimeCardHSM using smart cards.

[1] http://www.signserver.org/

EJBCA [1] is a fully functional Certificate Authority. Based on J2EE technology it constitutes a robust, high performance and component based CA. Both flexible and platform independent, EJBCA can be used standalone or integrated in any J2EE application.

EJBCA is an enterprise class PKI, meaning that you can use EJBCA to build a complete PKI infrastructure for your organisation. If you only want to issue a few single certificates for testing, there are probably options that will get you started quicker, but if you want a serious PKI we recommend EJBCA.

[1] http://ejbca.sourceforge.net/

Openfire [1] (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.

[1] http://www.igniterealtime.org/projects/openfire/

Will man OpenVPN mit GUI auf einem OS X haben, gabs da Tunnelblick [1], welches unter 10.4. ohne Probleme lief. Seit OS X 10.5. alias Leopard macht es jedoch Probleme, wie sogar Tunnelblick auf Ihrer Website schreiben.

Ein Mozilla Dev [2] hat nun eine gefixte Version [3] bereitgestellt, welche auch mit Leopard läuft.

Have Phun
[1] http://www.tunnelblick.net/
[2] http://weblogs.mozillazine.org/justin/2007/10/open_source_for_the_openvpn_wi.html
[3] http://people.mozilla.com/~justin/Tunnelblick-Leopard-3.0b5.dmg

Google wird missbraucht um links in spam etwas vertrauenswürdiger zu machen:

http://www.google.com/pagead/iclk?sa=l&ai=frEDmT&num=17616&adurl=http://www.microsoft.com

Google this is ugly…

Hier ist ein Stück Javacode mit dem man eine LDAP Authentifizierung realisieren kann:

import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;

/**
 * Demonstrates how to create an initial context to an LDAP server
 * using simple authentication.
 */

class Simple {
    public static void main(String[] args) {
    	Hashtable authEnv = new Hashtable(11);
    	String userName = "johnlennon";
    	String passWord = "sushi974";
    	String base = "ou=People,dc=example,dc=com";
    	String dn = "uid=" + userName + "," + base;
    	String ldapURL = "ldap://ldap.example.com:389";

    	authEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
   		authEnv.put(Context.PROVIDER_URL, ldapURL);
   		authEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
   		authEnv.put(Context.SECURITY_PRINCIPAL, dn);
   		authEnv.put(Context.SECURITY_CREDENTIALS, passWord);

    	try {
    		DirContext authContext = new InitialDirContext(authEnv);
    		System.out.println("Authentication Success!");
    	} catch (AuthenticationException authEx) {
    		System.out.println("Authentication failed!");

    	} catch (NamingException namEx) {
    		System.out.println("Something went wrong!");
    		namEx.printStackTrace();
    	}
    }
}