Merge pull request #10 from LCTT/master

Update 10/04/2019
This commit is contained in:
liujing97 2019-04-10 22:55:44 +08:00 committed by GitHub
commit bacf35ef1b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 384 additions and 0 deletions


@ -0,0 +1,78 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Cisco, Google reenergize multicloud/hybrid cloud joint development)
[#]: via: (https://www.networkworld.com/article/3388218/cisco-google-reenergize-multicloudhybrid-cloud-joint-development.html#tk.rss_all)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
Cisco, Google reenergize multicloud/hybrid cloud joint development
======
Cisco, VMware, HPE and others tap into new Google Cloud Athos cloud technology
![Thinkstock][1]
Cisco and Google have expanded their joint cloud-development activities to help customers more easily build secure multicloud and hybrid applications everywhere from on-premises data centers to public clouds.
**[Check out[what hybrid cloud computing is][2] and learn [what you need to know about multi-cloud][3]. Get regularly scheduled insights by [signing up for Network World newsletters][4]]**
The expansion centers around Googles new open-source hybrid cloud package called Anthos, which was introduced at the companys Google Next event this week. Anthos is based on and supplants the company's existing Google Cloud Service beta. Anthos will let customers run applications, unmodified, on existing on-premises hardware or in the public cloud and will be available on [Google Cloud Platform][5] (GCP) with [Google Kubernetes Engine][6] (GKE), and in data centers with [GKE On-Prem][7], the company says. Anthos will also let customers for the first time manage workloads running on third-party clouds such as AWS and Azure from the Google platform without requiring administrators and developers to learn different environments and APIs, Google said.
Essentially, Athos offers a single managed service that promises to let customers manage and deploy workloads across clouds, without having to worry about dissimilar environments or APIs.
As part of the rollout, Google also announced a beta program called[ Anthos Migrate][8] that Google says auto-migrates VMs from on-premises, or other clouds, directly into containers in GKE. “This unique migration technology lets you migrate and modernize your infrastructure in one streamlined motion, without upfront modifications to the original VMs or applications,” Google said. It gives companies the flexibility to move on-prem apps to a cloud environment at the customers pace, Google said.
### Cisco and Google
For its part Cisco announced support of Anthos and promised to tightly integrate it with Cisco data center-technologies, such as its HyperFlex hyperconverged package, Application Centric Infrastructure (Ciscos flagship SDN offering), SD-WAN and Stealthwatch Cloud. The integrations will enable a consistent, cloud-like experience whether on-prem or in the cloud with automatic upgrades to the latest versions and security patches, Cisco stated.
"Google Clouds expertise in containerization and service mesh Kubernetes and Istio, respectively as well as their leadership in the developer community, combined with Ciscos enterprise-class networking, compute, storage and security products and services makes for a winning combination for our customers," [wrote][9] Kip Compton, Cisco senior vice president, Cloud Platform and Solutions Group. “The Cisco integrations for Anthos will help customers build and manage multicloud and hybrid applications across their on-premises datacenters and public clouds and let them focus on innovation and agility without compromising security or increasing complexity.”
### Google Cloud and Cisco
Eyal Manor, vice president, engineering at Google Cloud, [wrote][10] that with Ciscos support for Anthos, customers will be able to:
* Benefit from a fully-managed service, like GKE, and Ciscos hyperconverged infrastructure, networking, and security technologies.
* Operate consistently across an enterprise data center and the cloud.
* Consume cloud services from an enterprise data center.
* Modernize now on premises with the latest cloud technologies.
Cisco and Google have been working closely together since October 2017, when the companies said they were working on an open hybrid cloud platform that bridges on-premises and cloud environments. That package, [Cisco Hybrid Cloud Platform for Google Cloud][11], became generally available in September 2018. It lets customer develop enterprise-grade capabilities from Google Cloud-managed Kubernetes containers that include Cisco networking and security technology as well as service mesh monitoring from Istio.
Google says Istios open-source, container- and microservice-optimized technology offers developers a uniform way to connect, secure, manage and monitor microservices across clouds through service-to-service level mTLS [Mutual Transport Layer Security] authentication access control. As a result, customers can easily implement new, portable services and centrally configure and manage those services.
Cisco wasnt the only vendor to announce support for Anthos. At least 30 other big Google partners including [VMware][12], [Dell EMC][13], [HPE][14], Intel, and Lenovo committed to delivering Anthos on their own hyperconverged infrastructure for their customers, Google stated.
Join the Network World communities on [Facebook][15] and [LinkedIn][16] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3388218/cisco-google-reenergize-multicloudhybrid-cloud-joint-development.html#tk.rss_all
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://images.techhive.com/images/article/2016/12/hybrid_cloud-100700390-large.jpg
[2]: https://www.networkworld.com/article/3233132/cloud-computing/what-is-hybrid-cloud-computing.html
[3]: https://www.networkworld.com/article/3252775/hybrid-cloud/multicloud-mania-what-to-know.html
[4]: https://www.networkworld.com/newsletters/signup.html
[5]: https://cloud.google.com/
[6]: https://cloud.google.com/kubernetes-engine/
[7]: https://cloud.google.com/gke-on-prem/
[8]: https://cloud.google.com/contact/
[9]: https://blogs.cisco.com/news/next-phase-cisco-google-cloud
[10]: https://cloud.google.com/blog/topics/partners/google-cloud-partners-with-cisco-on-hybrid-cloud-next19?utm_medium=unpaidsocial&utm_campaign=global-googlecloud-liveevent&utm_content=event-next
[11]: https://cloud.google.com/cisco/
[12]: https://blogs.vmware.com/networkvirtualization/2019/04/vmware-and-google-showcase-hybrid-cloud-deployment.html/
[13]: https://www.dellemc.com/en-us/index.htm
[14]: https://www.hpe.com/us/en/newsroom/blog-post/2019/04/hpe-and-google-cloud-join-forces-to-accelerate-innovation-with-hybrid-cloud-solutions-optimized-for-containerized-applications.html
[15]: https://www.facebook.com/NetworkWorld/
[16]: https://www.linkedin.com/company/network-world
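Review bot: The product name is misspelled "Athos" in the subtitle ("tap into new Google Cloud Athos cloud technology") and again in "Essentially, Athos offers a single managed service", while every other occurrence in the file is "Anthos"; fix both before the file reaches translators so the error is not carried into the translation. The text has also lost its apostrophes throughout ("Googles", "companys", "Ciscos", "wasnt"), and the Kip Compton quote reads "service mesh Kubernetes and Istio, respectively as well as", which suggests punctuation was dropped during collection; re-collecting from the `via` URL would be cleaner than patching by hand. The "[Check out[what hybrid cloud computing is]" newsletter line and the closing "Join the Network World communities" line are site promotion and can be left out of the source.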


@ -0,0 +1,65 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Enhanced security at the edge)
[#]: via: (https://www.networkworld.com/article/3388130/enhanced-security-at-the-edge.html#tk.rss_all)
[#]: author: (Anne Taylor https://www.networkworld.com/author/Anne-Taylor/)
Enhanced security at the edge
======
The risks presented by edge computing environments necessitates that companies pay special attention to security measures.
![iStock][1]
Its becoming a cliché to say that data security is a top concern among executives and boards of directors. The problem is: the problem just wont go away.
Hackers and attackers are ever finding new ways to exploit weaknesses. Just as companies start to use emerging technologies like artificial intelligence and machine learning to protect their organizations in an automated fashion, [so too are bad actors][2] using these tools to further their goals.
In a nutshell, security simply cannot be overlooked. And now, as companies [increasingly adopt][3] edge computing, there are new considerations to securing these environments.
**More risks at the edge**
As a [Network World article][4] suggests, edge computing places a new focus on physical security. Thats not to dismiss the need to secure data in transit. However, its the actual physical sites and equipment that deserve special attention.
For example, edge hardware is often situated in larger corporate or wide-open spaces, sometimes in highly accessible, shared offices and public areas. Ostensibly, this is to take advantage of the cost savings and faster access associated with data not having to travel back and forth to the data center.
However, without any level of access control, this equipment is at risk of both malicious actions and simple human error. Imagine an office cleaner accidentally turning off a device, and the resulting effects of subsequent downtime.
Another risk is “Shadow edge IT.” Sometimes non-IT staff will deploy an edge site to quickly launch a project, without letting the IT department know this site is now connecting to the network. For example, a retail store might take the initiative to install its own digital signage. Or, a sales team could apply IoT sensors to TVs and deployed them on-the-fly at a sales demo.
In these cases, IT may have little or no visibility into these devices and edge sites, leaving the network potentially exposed.
**Securing the edge**
An easy way to avoid these risks is to deploy a micro data center (MDC).
> “Most of these [edge] environments have historically been uncontrolled,” [said Kevin Brown][5], SVP Innovation and CTO for Schneider Electrics Secure Power Division. “They might be a Tier 1, but likely a Tier 0 type of design — theyre like open wiring closets. They now need to be treated like micro data centers. You need to be able to manage them as you would a mission-critical data center.”
Just as it sounds, this solution is a secure, self-contained enclosure that includes all the storage, processing, and networking thats required to run applications both indoors and outdoors. It also includes the necessary power, cooling, security, and management tools.
The best part is the high level of security. The unit is enclosed, with locking doors, to prevent unauthorized access. And with the right vendor, the MDC can be customized to include surveillance cameras, sensors, and monitoring technology for remote digital management.
As companies increasingly take advantage of the benefits of edge computing, its critical they also take advantage of security solutions to protect their data and environments.
Discover how to best secure your edge computing environment at [APC.com][6].
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3388130/enhanced-security-at-the-edge.html#tk.rss_all
作者:[Anne Taylor][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Anne-Taylor/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/04/istock-1091707448-100793312-large.jpg
[2]: https://www.csoonline.com/article/3250144/6-ways-hackers-will-use-machine-learning-to-launch-attacks.html
[3]: https://www.marketwatch.com/press-release/edge-computing-market-2018-global-analysis-opportunities-and-forecast-to-2023-2018-08-20
[4]: https://www.networkworld.com/article/3224893/what-is-edge-computing-and-how-it-s-changing-the-network.html
[5]: https://www.youtube.com/watch?v=1NLk1cXEukQ
[6]: https://www.apc.com/us/en/solutions/business-solutions/edge-computing.jsp
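Review bot: The "Securing the edge" section offers the micro data center as "an easy way to avoid these risks", but a locked enclosure only answers the physical-access risk; the "Shadow edge IT" risk described just above it (sites connected without IT knowing, leaving "little or no visibility") is not addressed by anything in the section, and a translator's note or a different source article would be needed to cover it. The only quoted source is a Schneider Electric executive and the last line sends readers to APC.com, so consider whether this piece belongs in the translation queue, or at least drop the closing call to action. Smaller points: the subtitle has "The risks ... necessitates", the sales example has "apply IoT sensors to TVs and deployed them", and apostrophes are missing throughout ("Its", "wont", "Thats", "theyre").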


@ -0,0 +1,241 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How To Check The List Of Open Ports In Linux?)
[#]: via: (https://www.2daygeek.com/linux-scan-check-open-ports-using-netstat-ss-nmap/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
How To Check The List Of Open Ports In Linux?
======
Recently we had written two articles in the same kind of topic.
Those articles helps you to check whether the given ports are open or not in the remote servers.
If you want to **[check whether a port is open on the remote Linux system][1]** then navigate to this article.
If you want to **[check whether a port is open on multiple remote Linux system][2]** then navigate to this article.
If you would like to **[check multiple ports status on multiple remote Linux system][2]** then navigate to this article.
But this article helps you to check the list of open ports on the local system.
There are few utilities are available in Linux for this purpose.
However, Im including top four Linux commands to check this.
It can be done using the following four commands. These are very famous and widely used by Linux admins.
* **`netstat:`** netstat (“network statistics”) is a command-line tool that displays network connections related information (both incoming and outgoing) such as routing tables, masquerade connections, multicast memberships and a number of network interface
* **`nmap:`** Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks.
* **`ss:`** ss is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state information than other tools.
* **`lsof:`** lsof stands for List Open File. It is used to print all the open files which is opened by process.
### How To Check The List Of Open Ports In Linux Using netstat Command?
netstat stands for Network Statistics, is a command-line tool that displays network connections related information (both incoming and outgoing) such as routing tables, masquerade connections, multicast memberships and a number of network interface.
It lists out all the tcp, udp socket connections and the unix socket connections.
It is used for diagnosing network problems in the network and to determine the amount of traffic on the network as a performance measurement.
```
# netstat -tplugn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2038/master
tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN 1396/snmpd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1398/httpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1388/sshd
tcp6 0 0 :::25 :::* LISTEN 2038/master
tcp6 0 0 :::22 :::* LISTEN 1388/sshd
udp 0 0 0.0.0.0:39136 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:56130 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:40105 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:11584 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:30105 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:50656 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:1632 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:28265 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:40764 0.0.0.0:* 1396/snmpd
udp 0 0 10.90.56.21:123 0.0.0.0:* 895/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 895/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 895/ntpd
udp 0 0 0.0.0.0:53390 0.0.0.0:* 1396/snmpd
udp 0 0 0.0.0.0:161 0.0.0.0:* 1396/snmpd
udp6 0 0 :::123 :::* 895/ntpd
IPv6/IPv4 Group Memberships
Interface RefCnt Group
--------------- ------ ---------------------
lo 1 224.0.0.1
eth0 1 224.0.0.1
lo 1 ff02::1
lo 1 ff01::1
eth0 1 ff02::1
eth0 1 ff01::1
```
If you would like to check any particular port status then use the following format.
```
# # netstat -tplugn | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1388/sshd
tcp6 0 0 :::22 :::* LISTEN 1388/sshd
```
### How To Check The List Of Open Ports In Linux Using ss Command?
ss is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state information than other tools.
```
# ss -lntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:39136 *:*
udp UNCONN 0 0 *:56130 *:*
udp UNCONN 0 0 *:40105 *:*
udp UNCONN 0 0 *:11584 *:*
udp UNCONN 0 0 *:30105 *:*
udp UNCONN 0 0 *:50656 *:*
udp UNCONN 0 0 *:1632 *:*
udp UNCONN 0 0 *:28265 *:*
udp UNCONN 0 0 *:40764 *:*
udp UNCONN 0 0 10.90.56.21:123 *:*
udp UNCONN 0 0 127.0.0.1:123 *:*
udp UNCONN 0 0 *:123 *:*
udp UNCONN 0 0 *:53390 *:*
udp UNCONN 0 0 *:161 *:*
udp UNCONN 0 0 :::123 :::*
tcp LISTEN 0 100 *:25 *:*
tcp LISTEN 0 128 127.0.0.1:199 *:*
tcp LISTEN 0 128 *:80 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 :::25 :::*
tcp LISTEN 0 128 :::22 :::*
```
If you would like to check any particular port status then use the following format.
```
# # ss -lntu | grep ':25'
tcp LISTEN 0 100 *:25 *:*
tcp LISTEN 0 100 :::25 :::*
```
### How To Check The List Of Open Ports In Linux Using nmap Command?
Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
```
# nmap -sTU -O localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2019-03-20 09:57 CDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00028s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 1994 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
199/tcp open smux
123/udp open ntp
161/udp open snmp
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.9
Network Distance: 0 hops
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.93 seconds
```
If you would like to check any particular port status then use the following format.
```
# nmap -sTU -O localhost | grep 123
123/udp open ntp
```
### How To Check The List Of Open Ports In Linux Using lsof Command?
It shows you the list of open files on the system and the processes that opened them. Also shows you other informations related to the files.
```
# lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ntpd 895 ntp 16u IPv4 18481 0t0 UDP *:ntp
ntpd 895 ntp 17u IPv6 18482 0t0 UDP *:ntp
ntpd 895 ntp 18u IPv4 18487 0t0 UDP localhost:ntp
ntpd 895 ntp 20u IPv4 23020 0t0 UDP CentOS7.2daygeek.com:ntp
sshd 1388 root 3u IPv4 20065 0t0 TCP *:ssh (LISTEN)
sshd 1388 root 4u IPv6 20067 0t0 TCP *:ssh (LISTEN)
snmpd 1396 root 6u IPv4 22739 0t0 UDP *:snmp
snmpd 1396 root 7u IPv4 22729 0t0 UDP *:40105
snmpd 1396 root 8u IPv4 22730 0t0 UDP *:50656
snmpd 1396 root 9u IPv4 22731 0t0 UDP *:pammratc
snmpd 1396 root 10u IPv4 22732 0t0 UDP *:30105
snmpd 1396 root 11u IPv4 22733 0t0 UDP *:40764
snmpd 1396 root 12u IPv4 22734 0t0 UDP *:53390
snmpd 1396 root 13u IPv4 22735 0t0 UDP *:28265
snmpd 1396 root 14u IPv4 22736 0t0 UDP *:11584
snmpd 1396 root 15u IPv4 22737 0t0 UDP *:39136
snmpd 1396 root 16u IPv4 22738 0t0 UDP *:56130
snmpd 1396 root 17u IPv4 22740 0t0 TCP localhost:smux (LISTEN)
httpd 1398 root 3u IPv4 20337 0t0 TCP *:http (LISTEN)
master 2038 root 13u IPv4 21638 0t0 TCP *:smtp (LISTEN)
master 2038 root 14u IPv6 21639 0t0 TCP *:smtp (LISTEN)
sshd 9052 root 3u IPv4 1419955 0t0 TCP CentOS7.2daygeek.com:ssh->Ubuntu18-04.2daygeek.com:11408 (ESTABLISHED)
httpd 13371 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13372 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13373 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13374 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13375 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
```
If you would like to check any particular port status then use the following format.
```
# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 1398 root 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13371 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13372 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13373 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13374 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
httpd 13375 apache 3u IPv4 20337 0t0 TCP *:http (LISTEN)
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/linux-scan-check-open-ports-using-netstat-ss-nmap/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/magesh/
[b]: https://github.com/lujun9972
[1]: https://www.2daygeek.com/how-to-check-whether-a-port-is-open-on-the-remote-linux-system-server/
[2]: https://www.2daygeek.com/check-a-open-port-on-multiple-remote-linux-server-using-nc-command/
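Review bot: The two single-port examples, "# # netstat -tplugn | grep :22" and "# # ss -lntu | grep ':25'", carry a doubled prompt, so anything copied after the first "#" is a shell comment and runs nothing; drop the extra "# ". The filters are also loose: "grep :22" matches any port that begins with 22, and "nmap -sTU -O localhost | grep 123" matches any line containing 123, so anchoring on the full field (for example "123/udp") would be safer. In the nmap section, the scan of localhost reports 199/tcp as open although the netstat output above shows it bound to 127.0.0.1:199, and "Not shown: 1994 closed ports" shows that only the default port set was probed; a sentence saying that this result is neither the externally reachable set nor a complete list would keep readers from treating it as equivalent to the netstat and ss output. In the intro, the "multiple remote Linux system" and "multiple ports status" links both point to [2], and the netstat description ends mid-phrase at "a number of network interface" in both places it appears.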