HTML Injection Attacks: Impact and Mitigation Strategies
Rhel7 vs rhel6
1. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 1
What the hell is in there?
As some of us (or few!) would be wondering ‘what is new about Redhat Linux 7 ?!’, ‘How is it different
from RHEL 6?’, ‘Where does it fit better?’. Redhat decides to bring some surprise party for their Linux
Administrators / Architects, Right from the scratch-level changes till the market-hot technologies such as
Dev-Ops.
Would I find it difficult to work with it, comparing to RHEL 6?
Well, for little bit of time, I would say Yes. But difficult is not the word. It takes some time to get familiarize
yourself with it. Since the changes begin File system and some of your day-day base touches such as
services, Network configurations checks, hosts.
Precisely let’s see the key differences between v6 and v7, which helps you to architect / size your Linux
Environment.
Features RHEL 7 RHEL 6
Default File System XFS EXT4
Kernel Version 3.10.x-x kernel 2.6.x-x Kernel
Kernel Code Name Maipo Santiago
General Availability Date
of First Major Release
2014-06-09 (Kernel Version 3.10.0-123) 2010-11-09 (Kernel Version
2.6.32-71)
First Process systemd (process ID 1) init (process ID 1)
Runlevel runlevels are called as "targets" as
shown below:
Traditional runlevels defined :
runlevel0.target -> poweroff.target runlevel 0
runlevel1.target -> rescue.target runlevel 1
runlevel2.target -> multi-user.target runlevel 2
runlevel3.target -> multi-user.target runlevel 3
runlevel4.target -> multi-user.target runlevel 4
runlevel5.target -> graphical.target runlevel 5
runlevel6.target -> reboot.target runlevel 6
Host Name Change Config
File
/etc/hostname. /etc/sysconfig/network
Change In UID Allocation By default any new users created would
get UIDs assigned starting from 1000.
Default UID assigned to users
would start from 500.
2. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 2
Max Supported File Size Maximum (individual) file size = 500TB Maximum (individual) file size
= 16TB
Maximum filesystem size = 500TB Maximum filesystem size =
16TB
File System Check
Command
"xfs_repair" "e2fsck"
Change In File System
Structure
/bin, /sbin, /lib, and /lib64 are now
nested under /usr.
/bin, /sbin, /lib, and /lib64 are
usually under /
Boot Loader GRUB 2 GRUB 0.97
KDUMP RHEL7 supports kdump on large memory
based systems up to 3 TB
Kdump doesn’t work properly
with large RAM based
systems.
System & Service Manager
(For init daemon)
"Systemd" Upstart
systemctl start nfs-server.service service start nfs OR
/etc/init.d/nfs start
systemctl enable nfs-server.service chkconfig --level 3 5 nfs on
Default Firewall "Firewalld (Dynamic Firewall)" Iptables
Network Bonding "Team Driver" "Bonding"
-/etc/sysconfig/network-scripts/ifcfg-
team0
-/etc/sysconfig/network-
scripts/ifcfg-bond0
- DEVICE=”team0” - DEVICE=”bond0”
- DEVICETYPE=”Team”
Network Time
Synchronization
Using Chrony suite (faster time sync
compared with ntpd)
Using ntpd
NFS Default : NFS4.1 Default : NFS4
Supports NFS v2, v3, v4
clients
NFSv2 is no longer supported. Supports
NFSv3,v4.0, v4.1 clients.
Load Balancer Technology Keepalived and HAProxy Piranha
Desktop/GUI Interface GNOME3 and KDE 4.10 GNOME2
Default Database MariaDB MySQL
Managing Temporary Files RHEL 7 uses systemd-tmpfiles (more
structured, and configurable, method to
manage tmp files and directories).
Using "tmpwatch"
3. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 3
Ok, now tell me something NEW about your Redhat Linux 7?
A lot. This is my favorite part Intention is not something bringing REALLY new, but also to replace some
older (or boring ;)) concepts. Docker, MS Active Directory compatibility, volatile tmp mount, XFS, Partition
Rollback, What else you look for!
(Tips: Looking at this table size, this part might close down your eyes so you can choose your favorite
topic and explore, for time being)
RHEL 7 New Features
CROSS-REALM
KERBEROS TRUST with
Microsoft AD
This new capability makes it possible for users with Active Directory credentials
to access Linux resources without requiring additional identity authentication.
Single sign-on functionality exists across Microsoft Windows and Linux
domains. Synchronization between the two identity stores is not needed.
Partitioning defaults for
rollback
The ability to revert to a known, good system configuration is crucial in a
production environment. Using LVM snapshots with ext4 and XFS an
administrator can capture the state of a system and preserve it for future use.
An example use case would involve an in-place upgrade that does not present
a desired outcome and an administrator who wants to restore the original
configuration.
Performance
management
Performance Co-Pilot is a new framework for system-wide performance
monitoring, recording, and analysis that provides an API for importing and
exporting sampled and traced data.
It provides a common graphical user interface for browsing through all
collected data as well as interactive text interfaces.
Introduction of Docker
Docker is an open source project that automates the deployment of
applications inside Linux Containers, and provides the capability to package an
application with its runtime dependencies into a container.
No 32 Bit ISO Image
No 32 bit ISO for download. Red Hat Enterprise Linux 7 will only provide 64-bit
ISO's, thus allowing only a 64-bit operating environment. RHEL 7 will not
natively support 32-bit hardware.
4. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 4
MemAvailable Added to
meminfo
A new entry to the /proc/meminfo file has been introduced to provide the
MemAvailable field. MemAvailable provides an estimate of how much memory
is available for starting new applications, without swapping.
New Ruby and Python
Versions
Red Hat Enterprise Linux 7 provides the latest Ruby version, 2.0.0 and Python
2.7.5.
OpenJDK7 Made
Default
Red Hat Enterprise Linux 7 features OpenJDK7 as the default Java Development
Kit (JDK) and Java 7 as the default Java version.
Support for 40 Gigabit
NICs
Red Hat Enterprise Linux 7 supports 40 Gigabit network interface controllers
(NICs) from multiple hardware partners. This provides support for 40 Gigabit
Ethernet link speeds enabling faster network communication for applications
and systems. Note that the ethtool utility will report interface link speeds up to
40Gb data rates.
No RHN Classic
RHN Classic is not supported in RHEL7. Older versions supported different
subscription management method being used. Red Hat Subcription
Management is the only one used by RHEL 7.
OpenSSH - Multiple
Required
Authentications
Red Hat Enterprise Linux 7 supports multiple required authentications in SSH
protocol version 2 using the Authentication Methods option. This option lists
one or more comma-separated lists of authentication method names.
Minimum Disk Space for
Installation of RHEL7
Red Hat Enterprise Linux 7 now requires at least 1 GB of disk space to install.
However, Red Hat recommends a minimum of 5 GB of disk space for all
supported architectures.
Implementation of
tmpfs file system
Red Hat Enterprise Linux 7 offers the ability to use /tmp as a mount point for a
temporary file storage system (tmpfs).
No files in /tmp are stored on the hard drive except when memory is low, in
which case swap space is used. This means that the contents of /tmp are not
persisted across a reboot.
5. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 5
New Logging
Framework
Red Hat Enterprise Linux 7 introduces a new logging daemon, journald, as part
of the move to systemd.
journald captures the following types of message for all services:
- syslog messages
- kernel messages
- initial RAM disk and early boot messages
- messages sent to standard output and standard error output.
Changes to mount
options
Unlike ext3 and ext4, the XFS file system enables the user_xattr and acl mount
options by default. Ext3 and ext4 file systems do not enable these attributes by
default.
Powerful
NetworkManager
NetworkManager has been significantly enhanced to configure and monitor all
the networking features for enterprise class servers and for desktop
applications.
For the enterprise data centers, NetworkManager can be used for tasks such as
basic networking configuration, network teaming, configuring virtual LANs,
bridges, bonds, IPv6, VPNs, assigning interfaces to firewall zones, and others.
For desktop servers it can manage wired and wireless networks and VPNs.
CROSS-REALM
KERBEROS TRUST with
Microsoft AD
This new capability makes it possible for users with Active Directory credentials
to access Linux resources without requiring additional identity authentication
so that single sign-on functionality exists across Microsoft Windows and Linux
domains. Synchronization between the two identity stores is not needed.
RHEL Guest integration
with vmware
Red Hat Enterprise Linux 7 advances the level of integration and usability
between the Red Hat
Enterprise Linux guest and VMware vSphere. Integration now includes:
• Open VM Tools — bundled open source virtualization utilities.
• 3D graphics drivers for hardware-accelerated OpenGL and X11 rendering.
• Fast communication mechanisms between VMware ESX and the virtual
machine.
Source Credits: https://access.redhat.com/
http://simplylinuxfaq.blogspot.in/
6. REDHAT LINUX 7 – WHAT’S IN IT 06/18/2015
ARUNVIGNESH VENKATESH 6
All right, we are at the end, finally! Hope you got something out of it and done with your Coffee.
Any time you can reach me for Queries / feedback.
Arunvignesh Venkatesh,
Enterprise Cloud Consultant
E-mail: arun06ac104@gmail.com
Linked-In: https://in.linkedin.com/in/arunvignesh-venkatesh-5456602b
Social Network: https://www.facebook.com/arun.vignesh.7
Tweet me @arun_frd
Mobile: +91 805 053 5547 | Phone: +91 80 3395 7791
See Ya!!!