Home Tags Lightweight Directory Access Protocol (LDAP)

Tag: Lightweight Directory Access Protocol (LDAP)

MapD’s GPU-powered database is now open source

MapD, creator of a GPU-accelerated database that scales both up and out, has open-sourced its core technology.As announced in a press release and blog post, the core database and its "associated visualization libraries" are available under the Apache 2.0 license.

But enterprise-level features like the high availability, LDAP, ODBC, and horizontal scaling functionality—many of which debuted in the 3.0 version released earlier this month—will be kept close to the chest.To read this article in full or to leave a comment, please click here

DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seem to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game.

As attackers expand their arsenal of reflection methods to target CLDAP ...

New Breed of DDoS Attack On the Rise

Akamai Networks since October has detected and mitigated at least 50 DDoS attacks using Connectionless LDAP.

DDoS attacks in Q4 2016

2016 was the year of Distributed Denial of Service (DDoS) with major disruptions in terms of technology, attack scale and impact on our daily life.
In fact, the year ended with massive DDoS attacks unseen before, leveraging Mirai botnet technology.

Amazon Cloud Directory shakes up databases

Nobody thinks of directory services like LDAP or Active Directory as fonts of innovation. But to Amazon, they are a starting point for building something new.A new public offering from Amazon called Cloud Directory aims to take the ho-hum idea behind a directory service—a hierarchical database—and endow it with features that make it useful to a far wider range of applications.[ Docker, Amazon, TensorFlow, Windows 10, and more: See InfoWorld's 2017 Technology of the Year Award winners. | Cut to the key news in technology trends and IT breakthroughs with the InfoWorld Daily newsletter, our summary of the top tech happenings. ]Move fast, change things—just don’t break them Cloud Directory is essentially a hierarchical database designed to allow the data stored inside to be seen via multiple hierarchies.

Amazon cites as an example a company org chart that can be navigated in multiple ways, such as by geography or reporting structure.To read this article in full or to leave a comment, please click here

RHBA-2017:0072-1: freeradius bug fix update

Updated freeradius packages that fix one bug are now available for Red HatEnterprise Linux 7. FreeRADIUS is a high-performance and highly configurable free RemoteAuthentication Dial In User Service (RADIUS) server, designed to allowcentralized authentication and authorization for a network.This update fixes the following bug:* Previously, the FreeRADIUS server exported symbols that were conflicting withsymbols defined in the libltdl library. When the FreeRADIUS server tried to opena connection to the MSSQL server using the rlm_sql_odbc interface and UnixODBCwas configured to use the FreeTDS library, the connection failed with thefollowing error message:"undefined symbol: get_vtable"This update renames the conflicting symbols. As a result, connections to MSSQLservers no longer fail in the described situation. (BZ#1394787)Users of freeradius are advised to upgrade to these updated packages, which fixthis bug. Red Hat Enterprise Linux Server (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   PPC: freeradius-3.0.4-7.el7_3.ppc64.rpm     MD5: aaa2f1fe524aef8201e3772c173e2a34SHA-256: 0b688cafd42eeaa14d54e1e7f9546645d544ee475e9daadd1e02712abeeebcc0 freeradius-debuginfo-3.0.4-7.el7_3.ppc.rpm     MD5: af8723c15c2bfdacd412806d4ed706dcSHA-256: 858a8955723f9166bbeeda8612a57c56bdb7f8ab7634b37a434436ce50b3176b freeradius-debuginfo-3.0.4-7.el7_3.ppc64.rpm     MD5: ccbbe1acbcc2f8d6ed89e1163a794e9bSHA-256: 51c4b41197d27cebb8d1ba4f37e4786ba7230eca75cbac931339646213e4cfc1 freeradius-devel-3.0.4-7.el7_3.ppc.rpm     MD5: 5711896014d5f0c4e3d4e3401efef6d3SHA-256: 4a1d7c00c22fca5e4b9e3d1e6c6d45792665729be9092b97384ca2215123864e freeradius-devel-3.0.4-7.el7_3.ppc64.rpm     MD5: b34c5265db6b567b8afb1cd48f03f64aSHA-256: e73f1521821ba950dd37cf2770486d332f7559207d3085b8b2d607d27d8592eb freeradius-doc-3.0.4-7.el7_3.ppc64.rpm     MD5: 3f37c3cdbb151bbc7dc67ab48d61e1a4SHA-256: 42c405e19145b88da6463a637b319abbbb29a6e1ec28044f7358a068d1371119 freeradius-krb5-3.0.4-7.el7_3.ppc64.rpm     MD5: eec5c37d9a0ce12b10bbb2f05e9df053SHA-256: 924feb65d3def899c43fb9e87eeb88d56bee385cf7c4dd4dbd7a4f5ddcd28a3b freeradius-ldap-3.0.4-7.el7_3.ppc64.rpm     MD5: 665c19ec33d00d18ee8b687c7a6dea4eSHA-256: cc745bc192933d19251695b3d2256f9e429852306ed95ad4937121bca2d2571e freeradius-mysql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9b2d94a819845f7bd16886e7bc0bf8ccSHA-256: ccb9084b9946b7f0d8cadeb206c8badeae04ac95dfcffd2058ee1ece636c337c freeradius-perl-3.0.4-7.el7_3.ppc64.rpm     MD5: 2b0026f1992724a1377c724df6c120d5SHA-256: 9451a7592fa6c72e56a1996e682fe30b4d075eed3eb573f865313af961ab25e9 freeradius-postgresql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9c91489ddc979db2c0e40b243785fc1eSHA-256: 22587e4769f76e26e6cca92216cb2d6459dfd82c90b916dcbe2b89764f7bee1e freeradius-python-3.0.4-7.el7_3.ppc64.rpm     MD5: 8c027857f0dbe9bdcaabbb6de55e46b5SHA-256: 7f6c1699bb3db9a8fb9a44abf400949513444590a44ba338e9325c1000f7ad6f freeradius-sqlite-3.0.4-7.el7_3.ppc64.rpm     MD5: 73effd27c782ceaf261899457e274c6cSHA-256: 474a9099296e5bf94c27fb964daa30508d9f76c94155d47c1c3870d7e364a3d9 freeradius-unixODBC-3.0.4-7.el7_3.ppc64.rpm     MD5: f0877c023811b0f7fcc9a546445e70e3SHA-256: 701b77c5ec0e64fa197be7d20c011ef79a6bad990c2fb6fb09aa99a70b341124 freeradius-utils-3.0.4-7.el7_3.ppc64.rpm     MD5: 094f5cc85a92eaa7bac692a3e1fd0217SHA-256: c5ea975b4cc148c42d9ae3b00c0caa006afd3eab0f43a0813246401860240776   PPC64LE: freeradius-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5e0b1aa1289ffd43554db6275836c90bSHA-256: 07488616dfb9a8264cfc987103540d2dd5dfcc4abef53a2dc0f23c7e8f639bed freeradius-debuginfo-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7e8a996e8d2efdd7c8383a3609c9da14SHA-256: b6652380de08e05cb23871b6c196e6aaf5758f0e6a03569f7d21b9cc0a930158 freeradius-devel-3.0.4-7.el7_3.ppc64le.rpm     MD5: f2bde27a58cb26df2a3564570e7f9d72SHA-256: 9d5ec51588136c246ac1bbd59786a0b08f906f37db5dcab0e699feeb5b1f662c freeradius-doc-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5ee5af5e721f4413b181f8bfec827f55SHA-256: 11355cb8f27d55198bb1ca9428464696d538ab0cb0c1e6d51e8fe3d49fbe1b13 freeradius-krb5-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7dd0647b8e3ed9eefd25e0df23db3d0eSHA-256: 9d5f61c648cc9b03dbfefa812a7154e2f85977e02400a45a0701dcb5811691ea freeradius-ldap-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5df80476f533797412b8ef8eac7fe692SHA-256: 84e2443b283cdbffdbe4235cab0c1ae92c9764381db43d010805954e3c2c780a freeradius-mysql-3.0.4-7.el7_3.ppc64le.rpm     MD5: 56b856e3e0e8094641ed6897b11ed69cSHA-256: 86b7b33b399241b27023ff7c202b47fb50aa11b29169b7196d90341dcab0582e freeradius-perl-3.0.4-7.el7_3.ppc64le.rpm     MD5: 435d2f14683a8f51aecc804915fd9942SHA-256: 9bb3cac21d49fb7c715debd28159db6cb7ea1007b1f1f6772586f05f4593c541 freeradius-postgresql-3.0.4-7.el7_3.ppc64le.rpm     MD5: a71ffb8ed42f59e433a2082431f2fe4aSHA-256: 2deebc15e1bf41f9e6cd8da602d167992078e7276dc6a57deca23e15310f57f3 freeradius-python-3.0.4-7.el7_3.ppc64le.rpm     MD5: 089e0d939a2c6ff7599cd8e40b312fd2SHA-256: bf87ab72234ed742862c845adf378c03b35457cc6cdfaafb8451b1aa42cd0a96 freeradius-sqlite-3.0.4-7.el7_3.ppc64le.rpm     MD5: 59276f0ebe8cec373522d9b8872a6ca5SHA-256: 48ad2db3a6fb377ea34fd1b134038e55ebe2bab56103d552fa9844d43ae57bf5 freeradius-unixODBC-3.0.4-7.el7_3.ppc64le.rpm     MD5: f341c876508f64042ff9362a8677bd7bSHA-256: 67279b74e6698fcc2c5fa374c376fbfc2d11481a4bf6c989980fb4d7f98cea3f freeradius-utils-3.0.4-7.el7_3.ppc64le.rpm     MD5: 02d68a6b80678a76c9bcc57605be1e92SHA-256: e7df4369f9d61f3070299cb38581633084f9cc4e5ad4bd6974693443c0177892   s390x: freeradius-3.0.4-7.el7_3.s390x.rpm     MD5: 52bae7512435f85815620a39b6a23d0cSHA-256: c7ac534e0457ab9a36d1caff3c087868c3d4fd342c21ca434ce8665108fca58d freeradius-debuginfo-3.0.4-7.el7_3.s390.rpm     MD5: dc5025ddebe7a513846b3e0462f8603cSHA-256: e5474d9dde2ab8477c154b5399dc78d9aaaf4585b5a6d2938a0d2ae2b9a93fe1 freeradius-debuginfo-3.0.4-7.el7_3.s390x.rpm     MD5: 53e7b991142eab1a164767974d75caf3SHA-256: 1997c44040831b5b284f218ae485264ed52c822f86b07ca087028d6757514b48 freeradius-devel-3.0.4-7.el7_3.s390.rpm     MD5: fe3fbd2d654bfc1b128e68a06f069553SHA-256: 0db215de1770b8208649656b01983cb0d1521907b791a3e85bd5ea4383f37303 freeradius-devel-3.0.4-7.el7_3.s390x.rpm     MD5: 25698d6d169d6f82be0c8aa190efbfa2SHA-256: f58348d68c3203f84c6f6e85f68568d8081cb7a227eac2dc110436ded1cf1d7f freeradius-doc-3.0.4-7.el7_3.s390x.rpm     MD5: 39997fd4ccfde71b7717f18c41903697SHA-256: 2a8d8c80d4bb858276abf3cbf1af0995d34103c4d18cf8f55a7b80fe35badb06 freeradius-krb5-3.0.4-7.el7_3.s390x.rpm     MD5: ff536e3183408bc8a4ca37bd778ea3e4SHA-256: 5074472cdce0cfaedfaf24e5cea1ec565c1aadc693cca11ff10ac2b02c8e7469 freeradius-ldap-3.0.4-7.el7_3.s390x.rpm     MD5: 0f3aef5fb8d1ec941df5e6e18fcf6b57SHA-256: 3e03e2fbddfba25cc8432dbb363756aa513f749f1366786e92b495e92571896d freeradius-mysql-3.0.4-7.el7_3.s390x.rpm     MD5: 257cf4050b4681014e9ad1ede2c87d34SHA-256: f4e068f6e8df09d9d531cf814c82dedd661d1bea447c78d97f48260566eaeb90 freeradius-perl-3.0.4-7.el7_3.s390x.rpm     MD5: 28f0f21be0e8bed2047899eefaff1775SHA-256: d03d3ec074f3babe3c7f3763330a8879e170b8b0b596c9302932a8bf53d8aab4 freeradius-postgresql-3.0.4-7.el7_3.s390x.rpm     MD5: 065ad49d500e22359039caf24bc018ceSHA-256: cc1e6be66254c7fee8856510b0ca3a3b95f05ac008298b6acabf7b9e93cc9210 freeradius-python-3.0.4-7.el7_3.s390x.rpm     MD5: 69f69efd265f4f43f2015262f9516f26SHA-256: b6cc0eb3ff8674e0b01834641bb70fb5daa11878f5088e0e3691a7d361a83fba freeradius-sqlite-3.0.4-7.el7_3.s390x.rpm     MD5: db9ce18d2a37b07f2882d5ac8a2c588eSHA-256: dd731a73e9374a74d8ff687ec9b97e2ae7da3240da11d061a8b0f3cb0a9a0b99 freeradius-unixODBC-3.0.4-7.el7_3.s390x.rpm     MD5: 4f1f259eebf9416466e1475cccb489e3SHA-256: f8b779092fab55a4998e9f5d2b3770794e0a1802eff155f70f390e769a30d57a freeradius-utils-3.0.4-7.el7_3.s390x.rpm     MD5: 0a592741e5dde60ae6af76025702f4a8SHA-256: 188580afdbde07c0ed96dce567469265839cb40aeccb765e7bf33368d06c8be2   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Server TUS (v. 7.3) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Trump’s cyber-guru Giuliani runs ancient ‘easily hackable website’

Stunned security experts tear strips off president-elect pick hours after announcementUS president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable. Former New York City mayor and Donald loyalist Giuliani was today unveiled by Trump's transition team as the future president's cybersecurity adviser – meaning Giuliani will play a crucial role in the defense of America's computer infrastructure. Giulianisecurity.com, the website for the ex-mayor's eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities.
Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open – from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. Security gurus are right now tearing strips off Trump's cyber-wizard pick.

Top hacker Dan Tentler was first to point out the severely out-of-date Joomla! install. "It speaks volumes," Tentler told The Register, referring to Giuliani's computer security credentials, or lack of, and fitness for the top post. "Seventy-year-old luddite autocrats who often brag about not using technology are somehow put in charge of technology: it's like setting our country on fire and giving every extranational hacker a roman candle – or, rather, not setting on fire, but dousing in gasoline." Content management system developer Michael Fienen also pulled no punches: It gets worse. "Giuliani is running a version of PHP that was released in 2013, and a version of Joomla that was released around 2012," said Ty Miller, a director at Sydney-based infosec biz Threat Intelligence. "Using the version information, within minutes we were able to identify a combined list of 41 publicly known vulnerabilities and 19 publicly available exploits.

Depending upon the configuration of the website, these exploits may or may not work, but is an indication that Giuliani's security needs to be taken up a level." Found on /r/sysadmin, presented without comment. pic.twitter.com/UmWe7tHURv — Ryan Castellucci (@ryancdotorg) January 12, 2017 The most surprising fact in all of this is that the Giuliani Security website hasn't ALREADY been hacked.

They might as well put out a sign. — Michael Fienen (@fienen) January 12, 2017 Another computer security expert, speaking to The Register on condition of anonymity, analyzed Giuliani's website for us. Our guru, based in Australia, said that while the pending cyber-tsar is likely to have outsourced management of his online base, the fact that the mayor-turned-cyber-expert didn't check for lax security on his own website is not going to instill any confidence. We have reproduced our contact's assessment in full on the next page. ® 'Someone should be taken to task for this' Well, talking nuts and bolts: that website is hosted with a hosting provider.
It looks like it has its own IP address based on having a single DNS PTR object (reverse address to the name giulianisecurity.com) which means its unlikely to be in use by other organisations (except maybe his own... who knows.) That IP address is allocated out of a block of addresses registered to Japanese giant NTT but these could also be provided to NTT’s customers such as web developers/hosting providers etc. Without actively poking at the site – which I’m terrified to do, frankly – it may be shared hosting, may be a VPS, or may be a physically separate dedicated hosting solution.
I’m betting it’s a cheap VPS-based ‘dedicated’ solution. My experience with this kind of hosting means that a nice attack vector is identifying the hosting provider and trying to get allocated a similar hosting solution in the adjacent IP address space, getting root on it (or having it if it’s a VPS) and then using ‘layer 2’ fun and games to redirect the victim site’s traffic to the attacker.

This still works amazingly well and is why smart people try to do things like statically publish layer-2 addresses for layer 3 IP gateways (although this is only so effective, really). For the giulianisecurity.com domain they seem to use Microsoft Office 365 for his email. Not a bad choice.

Email security sucks and, unless you know what you’re doing/are a glutton for punishment or are generally my kind of tinfoilhat wearer (hey, friends), it’s best to leave email security to someone reasonably credible. I also note they use a large trademark monitor company – MarkMonitor.com – for the DNS service provider for the domain name giulianisecurity.com. Which is hilarious.

Because, yeah, you’d want to intrude trademark-wise on this guy’s name because it’s such a valuable brand. Like Trump’s, you know? The reality is someone else makes these choices for him for his business.
It’s not like he’s there, updating his ancient and known vulnerable Joomla content management system himself (he’d get props from me if that were the case :) Anyone truly trying to protect your brand would avoid putting a giant red flag like an unpatched CMS in a commodity hosting environment out there. Whether it’s Giuliani’s company’s responsibility or an outsourced provider’s (very likely) the ‘having ancient Joomla’ in place is a pretty bad look.
Someone should be taken to task a bit for this.

And if you’re a security and safety company with an understanding of information security threats you’d have threat management programs in place to identify and improve your controls. For example, if you were undertaking actual security testing of your site I’d wager anyone in infosec – or in IT generally really – would’ve noticed the ancient CMS and its default install remnants using the crappiest, free-est tools out there.
So respectfully, Rudy, get someone to patch your shit and seek out some kind of specialist advice. Snarky comments aside – it really comes down to this greater concern: there’s literally millions of people in infosec who would be better cyber security advisors than Giuliani or whomever his technical advisors are that he’d call on for advice. So I’d ask – again respectfully – that the president elect cast a slightly wider net than he has to receive ‘cyber’ security advice.

As much as most people in infosec are a bunch of opinionated jerks (oh, and we are) we’re all here to help. Just ask a professional.

First sign in knowing one? It’s the person who doesn’t use the word ‘cyber’ to prefix everything they say.

RHBA-2017:0034-1: 389-ds-base security, bug fix, and enhancement update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having a security impact ofModerate.

A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server.

The basepackages include the Lightweight Directory Access Protocol (LDAP) server andcommand-line utilities for server administration.This update fixes the following bug:* Previously, the referential integrity plug-in performed add, modify, anddelete operations more slowly than necessary.

This update fixes the bug andimproves performance of these operations significantly.(BZ#1393007)Users of 389-ds-base are advised to upgrade to these updated packages, which fixthis bug. For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258After installing this update, the 389 server service will be restartedautomatically.Red Hat Enterprise Linux Desktop (v. 6) SRPMS: 389-ds-base-1.2.11.15-85.el6_8.src.rpm     MD5: 2af203e5920650570c143301c4626cc4SHA-256: 65df39f4cfde83db592a69cc163588f7b6d46f3750bbc5d96943196da48a4659   IA-32: 389-ds-base-1.2.11.15-85.el6_8.i686.rpm     MD5: 9e0c793e24156afb384b84d1525fa3a5SHA-256: c7af552eda5af9093dbc744bff38908173090f2724edf695ebf26ce12265b0e1 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89   x86_64: 389-ds-base-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 73092f81bf0fe99b00b5b9e4a2508e15SHA-256: 7299834a2d27e72aff88a52ea76feb82ffc82a29e8843bf9bd358401465fffd8 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-debuginfo-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 8d8d6a5abe0fcf184d2ce502f5961bddSHA-256: 012313823ce1ba338ba54d5db3e9f0fb647d2106982a0f113abfdd701691c1ac 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-devel-1.2.11.15-85.el6_8.x86_64.rpm     MD5: cac59e536461a82274551b540f2aee52SHA-256: 68673eef9399ea8eb0f7d22e270283d732fc9798238d520856f9d75f932b3b55 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89 389-ds-base-libs-1.2.11.15-85.el6_8.x86_64.rpm     MD5: e3af3cd147d4941d3766af297188b38cSHA-256: b4c02074daf7e6970be3ca2cf15144baaaae17ff7d353b5d7afcfacb5794fcf3   Red Hat Enterprise Linux HPC Node (v. 6) SRPMS: 389-ds-base-1.2.11.15-85.el6_8.src.rpm     MD5: 2af203e5920650570c143301c4626cc4SHA-256: 65df39f4cfde83db592a69cc163588f7b6d46f3750bbc5d96943196da48a4659   x86_64: 389-ds-base-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 73092f81bf0fe99b00b5b9e4a2508e15SHA-256: 7299834a2d27e72aff88a52ea76feb82ffc82a29e8843bf9bd358401465fffd8 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-debuginfo-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 8d8d6a5abe0fcf184d2ce502f5961bddSHA-256: 012313823ce1ba338ba54d5db3e9f0fb647d2106982a0f113abfdd701691c1ac 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-devel-1.2.11.15-85.el6_8.x86_64.rpm     MD5: cac59e536461a82274551b540f2aee52SHA-256: 68673eef9399ea8eb0f7d22e270283d732fc9798238d520856f9d75f932b3b55 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89 389-ds-base-libs-1.2.11.15-85.el6_8.x86_64.rpm     MD5: e3af3cd147d4941d3766af297188b38cSHA-256: b4c02074daf7e6970be3ca2cf15144baaaae17ff7d353b5d7afcfacb5794fcf3   Red Hat Enterprise Linux Server (v. 6) SRPMS: 389-ds-base-1.2.11.15-85.el6_8.src.rpm     MD5: 2af203e5920650570c143301c4626cc4SHA-256: 65df39f4cfde83db592a69cc163588f7b6d46f3750bbc5d96943196da48a4659   IA-32: 389-ds-base-1.2.11.15-85.el6_8.i686.rpm     MD5: 9e0c793e24156afb384b84d1525fa3a5SHA-256: c7af552eda5af9093dbc744bff38908173090f2724edf695ebf26ce12265b0e1 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89   x86_64: 389-ds-base-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 73092f81bf0fe99b00b5b9e4a2508e15SHA-256: 7299834a2d27e72aff88a52ea76feb82ffc82a29e8843bf9bd358401465fffd8 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-debuginfo-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 8d8d6a5abe0fcf184d2ce502f5961bddSHA-256: 012313823ce1ba338ba54d5db3e9f0fb647d2106982a0f113abfdd701691c1ac 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-devel-1.2.11.15-85.el6_8.x86_64.rpm     MD5: cac59e536461a82274551b540f2aee52SHA-256: 68673eef9399ea8eb0f7d22e270283d732fc9798238d520856f9d75f932b3b55 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89 389-ds-base-libs-1.2.11.15-85.el6_8.x86_64.rpm     MD5: e3af3cd147d4941d3766af297188b38cSHA-256: b4c02074daf7e6970be3ca2cf15144baaaae17ff7d353b5d7afcfacb5794fcf3   Red Hat Enterprise Linux Workstation (v. 6) SRPMS: 389-ds-base-1.2.11.15-85.el6_8.src.rpm     MD5: 2af203e5920650570c143301c4626cc4SHA-256: 65df39f4cfde83db592a69cc163588f7b6d46f3750bbc5d96943196da48a4659   IA-32: 389-ds-base-1.2.11.15-85.el6_8.i686.rpm     MD5: 9e0c793e24156afb384b84d1525fa3a5SHA-256: c7af552eda5af9093dbc744bff38908173090f2724edf695ebf26ce12265b0e1 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89   x86_64: 389-ds-base-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 73092f81bf0fe99b00b5b9e4a2508e15SHA-256: 7299834a2d27e72aff88a52ea76feb82ffc82a29e8843bf9bd358401465fffd8 389-ds-base-debuginfo-1.2.11.15-85.el6_8.i686.rpm     MD5: f69d273751f346604b148ea6d552d50cSHA-256: 5fccf8b0e9de5deae4f0cef4a0d08b84d2c616fa5507a54e67f09a975635b595 389-ds-base-debuginfo-1.2.11.15-85.el6_8.x86_64.rpm     MD5: 8d8d6a5abe0fcf184d2ce502f5961bddSHA-256: 012313823ce1ba338ba54d5db3e9f0fb647d2106982a0f113abfdd701691c1ac 389-ds-base-devel-1.2.11.15-85.el6_8.i686.rpm     MD5: 4abbac85f5cae6f8eac2029b16a19592SHA-256: f2a8b61cf02868f37d65bde0ca71dc0563db66ab410c8c9fad99f5ad4c7fa2a0 389-ds-base-devel-1.2.11.15-85.el6_8.x86_64.rpm     MD5: cac59e536461a82274551b540f2aee52SHA-256: 68673eef9399ea8eb0f7d22e270283d732fc9798238d520856f9d75f932b3b55 389-ds-base-libs-1.2.11.15-85.el6_8.i686.rpm     MD5: ae7998cc2cb314a6bfabfead7de7af44SHA-256: 26bade5ca135179b3010100c471b3306335d71c80f29468beb6c9ee08e86bd89 389-ds-base-libs-1.2.11.15-85.el6_8.x86_64.rpm     MD5: e3af3cd147d4941d3766af297188b38cSHA-256: b4c02074daf7e6970be3ca2cf15144baaaae17ff7d353b5d7afcfacb5794fcf3   (The unlinked packages above are only available from the Red Hat Network) 1393007 - ds9 backport 47411 - Replace substring search with plain search in referint plugin These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

DDoS in 2017: Strap yourself in for a bumpy ride

2016 sucked. 2017 won’t be much better, sorry DDoS attacks have been around since at least 2000, and they’re not going away.
In fact, as the number of devices online grows, the volume and velocity of these attacks is also increasing. Whole industries have developed around launching and preventing DDoS campaigns as black hats and white hats battle for dominance, and 2017 promises to be the most dramatic year yet in that conflict. Here are some predictions about what’s likely to happen in the next 12 months. Whale-sized attacks will increase Historically, DDoS attacks have been relatively small: the majority of attacks – 93 per cent – are below 1Gbps in size, so when large attacks do happen, they tend to show up on the radar. We’ve seen some monster attacks in 2016 – most notably the Mirai-based attack on Brian Krebs’ Krebsonsecurity site during September that caused Akamai to withdraw support, and the attack on Dyn in October. These mega-attacks, totalling 100Gbps or more, are likely to increase in both number and size.
In its Q3 State of the Internet security report, Akamai spotted a 138 per cent increase in attacks over 100Gbps. Expect to see more of these, especially as attackers become more devious. New attack techniques applying the Lightweight Directory Access Protocol (LDAP could amplify DDoS attacks by 55 times, which could send already-mounting attack volumes into overdrive. Not only are we likely to see more mega-attacks, but the largest ones will push the envelope in size terms. The IoT will become a bigger factor in DDoS Expect to see the Internet of Things (IoT) play an important part in these attacks. Mirai, which warped DVRs into evil, traffic-spitting monsters, has already wreaked havoc in Liberia and across much of the rest of the web.

And the software wasn’t even very good. Forrester Research predicts that IoT compromises will escalate a notch in 2017, arguing that 500,000 IoT devices will suffer from a single compromise, dwarfing the Heartbleed bug of 2014. The number of connected devices is going to increase greatly over the next few years, IDC estimates.
It’s time for IoT equipment suppliers to sort out their device security, warned Kevin Lonergan, who heads up security research at IDC Canada. “Attackers can easily gain access to these devices via unchanged default passwords and vulnerabilities in outdated firmware,” he said. “This problem is only going to get worse as connectivity is added to traditionally unconnected devices such as home appliances, cars, etc., by vendors who have little experience with creating secure code.” Making consumers change their default configuration before an IoT device will actually work might be a good idea.

The problem is that someone would have to regulate it, because vendors will be loath to do anything that introduces friction and increases customer support costs. DDoS will overshadow ransomware attacks As the volume of DDoS attacks increases, demand for mitigation services will increase exponentially. Nick Galletto, leader of Deloitte’s Canadian Technology Risk practice, believes that DDoS will take over from ransomware as a dominant risk to organizations worldwide. “Even before the recent [mega-]attacks, we saw that many of our clients were experiencing some level of attacks that mostly flooded their network environment,” he said.

The causes were multi-faceted, he said, adding that hacktivism played a part.

Disgruntled employees were also found to have hired DDoS attack services in some cases, Galletto added. Sub-saturating attacks will create a security vector DDoS may take over from ransomware as a cause for concern, but it’s also worth pointing out that one may act as a diversion for the other.

There’s a reason that the lion’s share of attacks operate on a relatively small (sub-saturating) scale: they could be distracting their targets while attackers compromise their systems.

This has happened before.
In 2015, attackers allegedly used a DDoS attack as a smokescreen to pilfer the personal details of 2.4 million customers. Larger DDoS attacks often show up as a network accessibility problem, but companies will increasingly find themselves experiencing them as a security issue.

These "dark DDoS" attacks are typically hard to detect, so companies will need to ensure that they have proper visibility over their network traffic to tease out attacks that could be an attempt to cloak something more insidious. Extortion via DDoS on the rise DDoS attackers are increasingly targeting companies for financial gain.

Expect to see more DDoS threats in which attackers hold companies to ransom, warn experts.

The DDoS mitigation firm Corero surveyed more than 100 IT professionals at the InfoSecurity Europe show in summer 2016, and found that eight in ten people expected their company to be on the sharp end of a DDoS extortion. Perhaps even more worrying is the news that 43 per cent of firms said they’d consider paying such a demand to keep their websites up and running. These extortion attacks come from a variety of sources.

The Amanda Collective was threatening companies as early as March 2016 (although its capabilities have been called into question). DD4BC, which also uses bitcoin as the payment currency for its DDoS blackmail campaigns, has drawn the attention of Interpol. DDoS-for-hire services will gain traction DDoS attack toolkits have been around for years, as have services that will enable you to pay for an attack.

Expect to see more of them. Why? Firstly, because they can be offered incredibly cheaply, and secondly, because there are still huge amounts of money to be made. Often offered as ‘stressors’ – sites used to stress-test targets legitimately – DDoS-for- hire services don’t ask too many questions about whether a ‘tester’ has permission to target a site. Others openly offer DDoS services. Stressors have been spotted in the wild offering these services for $5 an hour.
In spite of the low fees, DDoSas-a-service providers can make a pretty packet. When the British teeanager Adam Mudd was collared for offering such a service in November, he was said have made $385,000 from 1.7 million attacks against 1.7 million addresses. DDoS-for-hire is going to ramp up.

The IoT botnets, combined with an easy money-making opportunity, will bring more of this kind of thing in 2017.
Sceptical? Well, there’s already a 400,000 strong IoT zombie army for rent, using the Mirai malware. Some of these developments are brand new, while others chart future trends from current trajectories. One thing seems likely: if you think that DDoS activity made for a crummy, stressful 2016, then you’d better strap yourself in for the coming year. Sponsored: Want to know more about PAM? Visit The Register's hub

CA Technologies Updates Identity Suite

New release of CA Identity Suite provides pre-configured policy templates to help organizations manage and deploy secure identity services. CA Technologies announced an update to its CA Identity Suite on November 30, providing enterprises with new deployment, integration and security capabilities.

The new CA Identity Suite version 14 release benefits from recent acquisitions made by CA."You need to have a model for how to ensure the appropriate access regardless of where the using is coming from or where the resources are located," Nick Nikols, SVP and Cybersecurity Business CTO at CA Technologies, told eWEEK. "Identity isn't about who you are, it's about what you do."Nikols explained that the CA Identity Suite provides capabilities for access governance as well as enforcement features. He added that a goal of the new release is to simplify access governance with a user interface that is easier for business decision makers to use."We have also simplified how fast the CA Identity Suite can be be deployed," Nikols said. In the past, Nikols noted that prior versions of Identity Suite would often involve the use of professional services with consulting in order to facilitate deployment. Nikols said that now, with the new release, even a high-availability configuration can be deployed rapidly.

At the Gartner IAM (Identity and Access Management) conference on December 1, Nikols said that CA demonstrated on-stage how it was able to deliver a two-server deployment of Identity Suite within eight minutes. Once the identity suite is deployed on servers, there is still a need for policy configuration, which is where another new enhancement comes in. Nikols explained that with the new Identity Suite release, there are now pre-packaged policy configurations for the most common use-cases. Policy configurations can now also be shared within an organization or community."We've turned the roll-out of Identity Suite from being a custom bespoke engagement which was time consuming, to something that can be deployed quickly and operational in short order," Nikols said.Some of the new capabilities in the updated Identity Suite benefit from recent CA Technologies acquisitions.

Among those acquisitions was one on June 8, 2015 of privately-held intelligent identity manager IdMlogic. Nikols said that some of the capabilities in the new release, including the ability to deliver the Identity Suite as a virtual appliance, were gained from IdMlogic.The issue of maintaining a secure identity in a modern distributed enterprise is a non-trivial task.
In addition to Microsoft's Active Directory which is widely used, Nikol noted that there are many identity repositories that are being used including other enterprise Lightweight Directory Access Protocol (LDAP) directories. He added that applications generally maintain their own identity repositories and authorization models."Federation facilitates the single sign on between these environments, but it has done little to simplify the management of all these copies of identities in each of these repositories," Nikols said. "CA Identity Suite is focused on orchestrating the management of all of these copies—making sure that their state is current and accurate, and that the proper entitlement settings are maintained within each of the applications' own authorization models.""This makes it possible to have consistent information as well as authorization behavior established and maintained across these distributed environments," he said.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist

How Do You Protect Your Perimeter When You’ve Blown it to...

By Ian Kilpatrick, Executive Vice President Cyber-Security, Nuvias Group and Chairman Wick Hill GroupIn 2016, we are subject to near constant headlines detailing the latest big data breach or hacking scandal. Many of us probably think we have a pretty good handle on the different types of security risks that can threaten our businesses.

But the reality may be a little different. The introduction of new technologies, the growth of cloud computing and changing employee working practices have all opened the door to a raft of new security vulnerabilities – often without us realising it. The security perimeter that was once in place no longer exists; Bring your own Device (BYOD), remote working or working across multiple sites, combined with an increasing reliance on cloud-based applications such as Office 365 and Salesforce, and public cloud services like Amazon AWS or Microsoft Azure, have contributed to a de-centralised environment where company data and applications can be freely accessed from almost any device, on any network. Without knowing it, many organisations have repeatedly punched holes into their once-secure perimeter, potentially leaving themselves not only vulnerable but fully open to attack. However, because these changes have happened over time, in some cases several years, many firms have missed, or have under-prioritised the potential risks they face.

This in some instances has led to complacency regarding legacy security systems – if something has always worked, and was secure in the past why mess with it? But of course, this doesn’t take into account the new wave of attacks coming from outside the weakened perimeter. Firewall technologyOne of a number of areas that this applies to is firewall technology, which has had to evolve to counter this next generation of security threats.

The firewall that has done a perfectly good job over the past five years, may not be enough to protect your business in the future. For example, firewalls deployed across a multi-site environment today, should be able to offer extra features such as the ability to optimise and protect business-critical traffic from being swamped by less important network activities.
So, ideally your active firewall should feature product capabilities like compression, data-deduplication or application-based prioritisation and bandwidth guarantees. Meanwhile, businesses are facing an unprecedented wave of ransomware attacks.

These generally come in through email, but you could also have computers “calling home” to the Command & Control (C&C) server to install stealthware. With the right firewall – often described as next generation – in place, these activities can be detected and curbed. In addition to the protection on the perimeter, you can deploy more firewalls internally to create zones. Zone-ing or segmentation makes it harder for malware and attackers to cross network boundaries. Often it makes sense to allow for direct access to cloud applications from each branch office location, effectively moving away from the traditional centralised access approach.

Allowing internet access from branch locations may now mean deploying firewalls at these locations.

The practical challenges here are threefold: Does the deployed, ‘smaller’ firewall device at each branch provide all the security controls needed and is it still affordable? Must-haves would be next-generation firewall features such as app control, user awareness, integrated IPS, the ability to intercept SSL, and advanced threat and malware detection. Can these devices be effectively managed from a central user interface? This is important, because it means that only one security policy needs to be defined and maintained across all the deployed firewalls, even though enforcement now takes place in multiple physical locations. What does the associated operational cost look like? Firewall devices need to be trouble-shot, logs need to be managed, updates applied etc. Next Generation FirewallsAs with all things IT, Next Generation Firewalls (NGFW) are subject to more hype than reality. While many are fully featured, some are overmarketed versions of older technology and despite there being plenty of choice, there can be a blurring around the capabilities and performance on offer. The customer should start by determining their needs, as they differ by organisational type, size, performance requirements, security concerns and of course compliance requirements. While there is a wide variation of prices in NGFW, often they are not matched directly to capability – which is why needs precedes budget considerations. At the risk of creating a boring feature list, some of the elements to consider and prioritise for Next Generation Firewalls include application firewalling (using deep packet inspection), intrusion prevention, encrypted traffic inspection TLS/SSl, website filtering, bandwidth management, and third party identity management integration (LDAP, Radius active directory, etc.) Other features can include antivirus, sandbox filtering, logging and auditing tools, network access control, DDoS protection and of course cloud capabilities. Clearly different organisations will have a divergent range of needs driven by their own size, performance and security requirements. With the significant range of solutions on offer, the challenge can often be selection, particularly with the significant number of new suppliers entering the market with innovative offerings. However, these can often create more cloud than light in this area, plus there’s a real risk that if they have a genuinely innovative solution, they will be acquired by a bigger player. Budget and management capabilities are also key elements in this equation.

Given that a firewall often is deployed for considerably more than three years it’s crucial to make the right decision to protect your environment, not only against today’s threats but also those that will be the centre of attacks in the future. Having been around security for more than 40 years, my own suggestion is that the conservative approach of going with a well-established player that can and will continue to invest in threat defences and upgrades is the best route.

There are many organisations that fit this bill, including Barracuda Networks, Check Point and WatchGuard Technologies to name a few.
Subject to the size and potential cost of your deployment, putting one or more suppliers through a full POC (proof of concept) ahead of the decision can be a very effective investment to protect your organisation in a radically changed risk environment from three years ago, and one which will continue to change at potentially an even faster rate. ENDS For further press information, please contact Annabelle Brown on 01326 318212, email pr@nuvias.com. Wick Hill https://www.wickhill.com/ About the authorIan Kilpatrick is EVP (Executive Vice-President) Cyber Security for Nuvias Group and Chairman Wick Hill Group.

A leading and influential figure in the IT channel, Ian has many years’ experience in security and overall responsibility at Nuvias for cyber security strategy. He was a founder member of the award-winning Wick Hill Group in the 1970s and, thanks to his enthusiasm, motivational abilities and drive, led the company through its successful growth and development, to become a leading, international, value-added distributor, focused on security. Wick Hill was acquired by Nuvias in July 2015.
Ian is a thought leader, with a strong vision of the future in IT, focussing on business needs and benefits, rather than just technology. He is a much published author and a regular speaker at IT events. About Nuvias GroupNuvias Group is the pan-EMEA, high value distribution business, which is redefining international, specialist distribution in IT.

The company has created a platform to deliver a consistent, high value, service-led and solution-rich proposition across EMEA.

This allows partner and vendor communities to provide exceptional business support to customers and enables new standards of channel success. The Group today consists of Wick Hill, an award-winning, value-added distributor with a strong specialisation in security; Zycko, an award-winning, specialist EMEA distributor, with a focus on advanced networking; and SIPHON Networks, an award-wining UC solutions and technology integrator for the channel.

All three companies have proven experience at providing innovative technology solutions from world-class vendors, and delivering market growth for vendor partners and customers.

The Group has seventeen regional offices across EMEA, as well as serving additional countries through those offices.

Turnover is in excess of US$ 330 million.

RHSA-2016:2055-1: Important: Red Hat JBoss Enterprise Application Platform 6.4.10 natives update...

Updated packages that provide Red Hat JBoss Enterprise Application Platform6.4.10 natives, fix several bugs, and add various enhancements are now availablefor Red Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Javaapplications based on JBoss Application Server 7.This release includes bug fixes and enhancements, as well as a new release ofOpenSSL that addresses a number of outstanding security flaws.

For furtherinformation, see the knowledge base article linked to in the References section.All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red HatEnterprise Linux 6 are advised to upgrade to these updated packages.

The JBossserver process must be restarted for the update to take effect.Security Fix(es):* A flaw was found in the way OpenSSL encoded certain ASN.1 data structures.

Anattacker could use this flaw to create a specially crafted certificate which,when verified or re-encoded by OpenSSL, could cause it to crash, or executearbitrary code using the permissions of the user running an application compiledagainst the OpenSSL library. (CVE-2016-2108)* Multiple flaws were found in the way httpd parsed HTTP requests and responsesusing chunked transfer encoding.

A remote attacker could use these flaws tocreate a specially crafted request, which httpd would decode differently from anHTTP proxy software in front of it, possibly leading to HTTP request smugglingattacks. (CVE-2015-3183)* A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMSdata.

A remote attacker could use this flaw to cause an application that parsesPKCS#7 or CMS data from untrusted sources to use an excessive amount of memoryand possibly crash. (CVE-2015-3195)* A flaw was found in the way the TLS protocol composes the Diffie-Hellmanexchange (for both export and non-export grade cipher suites).

An attacker coulduse this flaw to downgrade a DHE connection to use export-grade key sizes, whichcould then be broken by sufficient pre-computation.

This can lead to a passiveman-in-the-middle attack in which the attacker is able to decrypt all traffic.(CVE-2015-4000)* An integer overflow flaw, leading to a buffer overflow, was found in the waythe EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of inputdata.

A remote attacker could use this flaw to crash an application usingOpenSSL or, possibly, execute arbitrary code with the permissions of the userrunning that application. (CVE-2016-2105)* An integer overflow flaw, leading to a buffer overflow, was found in the waythe EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of inputdata.

A remote attacker could use this flaw to crash an application usingOpenSSL or, possibly, execute arbitrary code with the permissions of the userrunning that application. (CVE-2016-2106)* It was discovered that it is possible to remotely Segfault Apache http serverwith a specially crafted string sent to the mod_cluster via service messages(MCMP). (CVE-2016-3110)* A denial of service flaw was found in the way OpenSSL parsed certainASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs.

An applicationusing OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocatean excessive amount of data. (CVE-2016-2109)* It was discovered that specifying configuration with a JVMRoute path longerthan 80 characters will cause segmentation fault leading to a server crash.(CVE-2016-4459)Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108,CVE-2016-2105, and CVE-2016-2106 and Michal Karm Babacek for reportingCVE-2016-3110.

The CVE-2016-4459 issue was discovered by Robert Bost (Red Hat).Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and DavidBenjamin (Google) as the original reporters of CVE-2016-2108; and Guido Vrankenas the original reporter of CVE-2016-2105 and CVE-2016-2106. Before applying this update, back up your existing Red Hat JBoss EnterpriseApplication Platform installation and deployed applications.For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258For the update to take effect, all services linked to the OpenSSL library mustbe restarted, or the system rebooted.JBoss Enterprise Application Platform 6 EL6 SRPMS: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.src.rpm     MD5: cd62e3452ea727322f407eb7f70197f6SHA-256: 42a0d006acfd4c4a76cb4e4ca1fe43f78f579fda49539cbf7f7a6508f1f22e3d httpd-2.2.26-54.ep6.el6.src.rpm     MD5: eea764698b146f592541c89c33f1750fSHA-256: 500e2f71d7ec5bfdc3a06bc409c1c153295dc9ac19d3cb94b104dd4636492110 jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.src.rpm     MD5: 963dc03d1a02d317a679000b14fac02aSHA-256: ac5b23430a44667cd0792bb73c6f3c366d4450d6239e7025095bcc72fb165513 mod_cluster-native-1.2.13-3.Final_redhat_2.ep6.el6.src.rpm     MD5: 7398b0838abe76a7fef1ef7978b274beSHA-256: 13f719c9842b1ff8c1bf8a216599ca2e53cb412fec11035cc83ae20e3fe9ade8 mod_jk-1.2.41-2.redhat_4.ep6.el6.src.rpm     MD5: a5e47f6180e7b967b83ed98c2ffc4ec1SHA-256: 7494c511a9af95e50c283d012125f55281f8f9d88361782902189da719d67db7 tomcat-native-1.1.34-5.redhat_1.ep6.el6.src.rpm     MD5: d28d971ae5736394f7fbb125b0e05ed0SHA-256: f36bf2dafa5e715c97cf1a516f944bb4c6f2b98be1199f15b7508191d100b8ad   IA-32: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.i386.rpm     MD5: 390fbfdd259e95b310a73594e6b22883SHA-256: e8056f0ac22b05a5231fd44e89e8a5973977e86fbd36ec965b58b20a5fac49af httpd-2.2.26-54.ep6.el6.i386.rpm     MD5: 2f620897fde7952deda0559fd9f9249dSHA-256: 2ef8cdddf64eee31651657bad31abec8e607dc46b7f4c698351d74a261462d61 httpd-devel-2.2.26-54.ep6.el6.i386.rpm     MD5: b32fe0a48b47ff99c52df86da99d17b3SHA-256: 04722287bb04ab20e50386340906e15279f5acc197ec64adf1ebbc406586e335 httpd-manual-2.2.26-54.ep6.el6.i386.rpm     MD5: acfd1db3e2a03fb7572c761363845758SHA-256: 953df274cb9193c9cab480f8ecd8af48dda6e2d63de6bd4a3dd39e2c0499cd9a httpd-tools-2.2.26-54.ep6.el6.i386.rpm     MD5: 02d0d90b97b00d7d2973040e8e5ed6ecSHA-256: ea1765628eb3e4d08020227c0506b5b3adfa021b31e774f8879af06921b3ecff jbcs-httpd24-1-3.jbcs.el6.noarch.rpm     MD5: 55c3c3b5f68c76fac313b7ca0e184511SHA-256: 4ad48d853b5aa9b54e724c78e144bbde6deeb7a04ae023cf99e7bb04f079f6ff jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.i686.rpm     MD5: 7f161860ac4557d0d1ac61a8bfe3852aSHA-256: 45b0aad95e6c5e6031e26e36865970c1948cf1a881b0c4e5680468e1a06c49d7 jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.i686.rpm     MD5: 2b2acec99c551418e47a6fe8223c16bdSHA-256: f5ddc2a4bc86f5ec40f932aceeaf4d87eb1c012a300b4e2ffd11bfd2fecd7ba8 jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.i686.rpm     MD5: 66978755c0f3ff07731c6e7de5017920SHA-256: ec9f2c353d7f1b3ebbe453ff5eb170304839f6ba4b98d903b1008100e98faa60 jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.i686.rpm     MD5: 688b86a5500ec07141d70794c6633408SHA-256: e093d1532b16a8ad66a36413fcbfcd0e2b190d555c40308ca70f984cfa35d22d jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.i686.rpm     MD5: fb5353cbf563d1d9c999709f4bcad07aSHA-256: 4e06824b17e7bfe3a69c968517b2573bb38977b93ed1cc6ec3bd9616ab3c4101 jbcs-httpd24-runtime-1-3.jbcs.el6.noarch.rpm     MD5: 26a66efa482cd82904ebdb713607bca3SHA-256: 8ac86a3df21bd84036eaeedcf6a780bc81d36b74924fc05a308cbb3fc0241865 jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.i386.rpm     MD5: 31a0b89c502622d5c695ee86cbf6bf58SHA-256: 46b530eeeb0ff03aa08296639d1ee62f23668169b17621168f920f2e792ab4ad jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.i386.rpm     MD5: 8b19d89a9cad62c61439628b5aafa8caSHA-256: a2d3e9e884ef7500c856d4f5a30f563f449375588338a7ae05a5d949492e57f1 mod_cluster-native-1.2.13-3.Final_redhat_2.ep6.el6.i386.rpm     MD5: 0960a08b41ef13c51794bc2b3fcb7056SHA-256: ed043fcb58bce264b360afbd457eddfd9039dab8ff491d8f46ccdf567c6e6caf mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.i386.rpm     MD5: 18d370e1f246c8202b10be688b6bbe65SHA-256: 00c0f495520cd745811413ba3eb137f5e886c27d711ece911452941c599e0aba mod_ldap-2.2.26-54.ep6.el6.i386.rpm     MD5: b9978abe33bd8fca73a00f1d6053fe2fSHA-256: 4039a3dacde1c77d1d7ba8a6d055af9e4ea86ef25830c81a298e54059a8d531e mod_ssl-2.2.26-54.ep6.el6.i386.rpm     MD5: ad1a0f3f8f4f5203d4171c787f90dcb0SHA-256: 2a5fd27067edc19626604ef553a5490f8a7eba49da369c3043d7a4a7c306779e tomcat-native-1.1.34-5.redhat_1.ep6.el6.i386.rpm     MD5: f5ea8e1260998850436ff0c0d84e63b7SHA-256: d6e7500e9781ff94436a46aec1b0facc37d61429f80bcc9d4696ecfafe7aaac4   PPC: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.ppc64.rpm     MD5: fc027ca74904c221166add5734d45728SHA-256: 46e1fe1e99a7addc91be62ef3ed9aa60106db09341c8308109bd87bb759a0605 httpd-2.2.26-54.ep6.el6.ppc64.rpm     MD5: 730d260c56adef2a83351d94b851951aSHA-256: e88819d657247afd74a1d9569ca4af85a84bc0ad0c341126b2f31541a2d8f6b3 httpd-devel-2.2.26-54.ep6.el6.ppc64.rpm     MD5: 32583d34b85c9d41551e2046bca00e5aSHA-256: 9f53a2587de8302faf309bb1f25b87ae55bb140f6b19772007f39707d148523d httpd-manual-2.2.26-54.ep6.el6.ppc64.rpm     MD5: 9438800d7ad9b096e4d7c65b6000e076SHA-256: 2d64802ded23776cd83f5a9276fd177e9bf1309fb20a951717f9dc7bf9556c20 httpd-tools-2.2.26-54.ep6.el6.ppc64.rpm     MD5: c1145bdd515273bcbbb68a3f6477bf1aSHA-256: 81d95ca8234f7734ae118e0951dad5aa96241c20a880913ff1813f7b7dac6274 jbcs-httpd24-1-3.jbcs.el6.noarch.rpm     MD5: 55c3c3b5f68c76fac313b7ca0e184511SHA-256: 4ad48d853b5aa9b54e724c78e144bbde6deeb7a04ae023cf99e7bb04f079f6ff jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.ppc64.rpm     MD5: 559f08abb2169ef0c58483df1ece7bdcSHA-256: fb93c148a9e3e636dfe34436b25b07ef4e7ca2630318c2b39eead2892aa34416 jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.ppc64.rpm     MD5: 748cdd95b14d1ac09c88161d8e09960dSHA-256: 623aa239c016538ee28dd9a48a7997f3affc5e43ec19932fb7f75677f62089f8 jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.ppc64.rpm     MD5: e549845fda3618e722f457d04ada64b4SHA-256: bfe0e72169d772e7318e6db41a9f4c31f8af72f11cae22ee54da6a393af96c58 jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.ppc64.rpm     MD5: 4cc3fba1d01725cf022bfc7ed51f95a5SHA-256: 69336af63ea5062c72cfb2f02bc13ec125e89a6e00040837615fa8fac1454aa1 jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.ppc64.rpm     MD5: c3b2e87d6eb03256843f86f78356f6adSHA-256: 7d2bd10540061a83db34359615901bdb39f8a0db1902ba1e6c5baaa5f839394a jbcs-httpd24-runtime-1-3.jbcs.el6.noarch.rpm     MD5: 26a66efa482cd82904ebdb713607bca3SHA-256: 8ac86a3df21bd84036eaeedcf6a780bc81d36b74924fc05a308cbb3fc0241865 jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.ppc64.rpm     MD5: 25cd16b4ea2f068cc4a10e5465abc468SHA-256: 7d7b1c4d327e31c6f0775bad4cd36c787aca17720d0038943450d2cfc7f2ef83 jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.ppc64.rpm     MD5: f60065497f75b0306ece04007cefec19SHA-256: 4b21884a73ca27b0871c1171d2dc272de364a32bd6995c03111d2cd788ae475a mod_cluster-native-1.2.13-3.Final_redhat_2.ep6.el6.ppc64.rpm     MD5: c5e6c941aa20046741ee7bd7c3c55332SHA-256: a02e41bb0d4478a6c1e13fba4035dcce6aa3cd513fb06a487c18f983824da16a mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.ppc64.rpm     MD5: acb73b0b6ac5607b4ec77fe72c76b2ccSHA-256: 3d66976dfafb2d4318bdefc8418c0afbd83dfd6f91e0e57fb96b0f4d64d26387 mod_ldap-2.2.26-54.ep6.el6.ppc64.rpm     MD5: e6ed9807c9b81ebaf6d87baa70e3cb73SHA-256: c91676653409e6e8a06534b7c16ede83858513fc0ed734d4b8bd89a85f568db0 mod_ssl-2.2.26-54.ep6.el6.ppc64.rpm     MD5: 71ce8f549b1c2625d3fc4a7e37ee6a1fSHA-256: 3b6f84a6765ea1593910ff2cab26f675a3b5e905565be813e797b24eabb7f372 tomcat-native-1.1.34-5.redhat_1.ep6.el6.ppc64.rpm     MD5: 2a011488806a7edbca4e7ee3f9c2e083SHA-256: 1df4ed8db1110bbf65192749051d9482c56fa055337f9c0a1117a37018865151   x86_64: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.x86_64.rpm     MD5: aa72f656b66f7a5e91c1635ac65a506cSHA-256: 0d35825de1ca9f8dff9db819a57da22adfd85f3471fef13ffe7db1376a49355d httpd-2.2.26-54.ep6.el6.x86_64.rpm     MD5: 91556faf775acf8a5f130099cb076275SHA-256: 65a1e179b6e455b73a9aa23929f65fda99c2283cf33e0f6cb96f362efd9b2197 httpd-devel-2.2.26-54.ep6.el6.x86_64.rpm     MD5: b00a921577b49c18ea2578e2444b4278SHA-256: 4e5e0e62a3e47307ca75d23e9fb8a97a117163a46d11911e7f926210a86a5a43 httpd-manual-2.2.26-54.ep6.el6.x86_64.rpm     MD5: 456777fc9cfbc7052cab5513cac10c49SHA-256: 8b0470615c47fafc22b9b08eecde0eca9f88371822869e76bbc2935a178a17fa httpd-tools-2.2.26-54.ep6.el6.x86_64.rpm     MD5: b5451282b70f72e3ffb4e850837b83edSHA-256: 4aeb4ecadcca0e06707fd6ef87a629067f353061dd4016c2bbe2115e51f00774 jbcs-httpd24-1-3.jbcs.el6.noarch.rpm     MD5: 55c3c3b5f68c76fac313b7ca0e184511SHA-256: 4ad48d853b5aa9b54e724c78e144bbde6deeb7a04ae023cf99e7bb04f079f6ff jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.x86_64.rpm     MD5: 411ce2397cddf77a882ddbebcd8a0762SHA-256: 86225769181a6677c8ec92ac74db4281b41e73f0a782cb426867a50b6a0289ac jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.x86_64.rpm     MD5: a8cdf0f72326e9801671c00af0594d4cSHA-256: 2f558d2b55fa44f8df23471b4d6e2bb67dbf6b05348d2fbe9d414248a93e687d jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.x86_64.rpm     MD5: 03a954c4787d3ccce6dbb131b922f110SHA-256: 62186db1184d1a37129d44771eeab73630109c5e3fa54f7d2e38e35ad1a98712 jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.x86_64.rpm     MD5: 7598560deaba3370c3c85f83d6ab980eSHA-256: 588505e83e4e8d4e75d54b7faa1d4e727159d0a98f83b2dad73b6aa2026bb379 jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.x86_64.rpm     MD5: 5f827452f347852789e667798d8964beSHA-256: 744051dbab7f5ad2d3157fdfa904452f51974219f1d66ca4976012e5142a5719 jbcs-httpd24-runtime-1-3.jbcs.el6.noarch.rpm     MD5: 26a66efa482cd82904ebdb713607bca3SHA-256: 8ac86a3df21bd84036eaeedcf6a780bc81d36b74924fc05a308cbb3fc0241865 jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.x86_64.rpm     MD5: c6857621fd657153131b1d8b91f65261SHA-256: 877874f7e1ffc0924c5fd7d077355532be724b126d9f4b22335087926a91b6df jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.x86_64.rpm     MD5: 378d0dbe20ca0e8d8df66015922c8691SHA-256: e335c3ea451f7f12d4c7810f9c012f16a0bbb17a485a2e0a6267a2dd0336b594 mod_cluster-native-1.2.13-3.Final_redhat_2.ep6.el6.x86_64.rpm     MD5: 6781a0b7d7c6fbaa720289b367e169ebSHA-256: e67be895b7a3e8f2eec5211052d2dccb6dfd3323ad9884d4abe520b7c881c537 mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.x86_64.rpm     MD5: cc964b2fbe429f58c8b3016e45ab5bd7SHA-256: edeaf9c06eb7ee6fb752c8d58944fcf8357adbeed7dbf26dc8be786104c45e75 mod_ldap-2.2.26-54.ep6.el6.x86_64.rpm     MD5: 0185716d5ff7efd84767680799e677bfSHA-256: 704e71dc12b7456d610b8de7132ddfd5a472ff5d7b2d98b636da562f41010864 mod_ssl-2.2.26-54.ep6.el6.x86_64.rpm     MD5: 6d218955f6ac6f6bb493467e2b9d6606SHA-256: e345df4f891e8278366a86e5db014d660c8306877aaa3357e9bb6e3af5cab6f4 tomcat-native-1.1.34-5.redhat_1.ep6.el6.x86_64.rpm     MD5: 272492dd826b88ad6bdb5e60d114b42dSHA-256: c66e650acf0a08d8088bec04e59c683358a115185820b1801ca677b7d612f71b   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: