Enterprise Linux Security Episode 8 – Trojan Source, & CISA’s Directive

Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.

Subscribe to LearnLinuxTV

Episode downloads

Episode-specific Links

Enterprise Linux Security Episode 3 – Linux Distro Migrations

Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.

Subscribe to LearnLinuxTV

Ogg version

MP3 version

MP3 version (low)

OS Migration Checklist

Live-patching QEMU with QEMUCare

Rebooting is a pain, and in some organizations, downright tedious. Shuffling virtual machines between hosts in a cluster is even more tedious, and when it’s time to install patches, that’s what many administrators are forced to do. In this video, I check out QEMUCare, which aims to live-patch QEMU to avoid VM shuffling. In particular, we’ll look at installing ePortal (which deploys the patches) and also an example scenario.

Subscribe to LearnLinuxTV

Read more