During Jacob Appelbaum's talk at DebConf15, he noted that Debian should TLS-enable all services, especially the mirrors.
His reasoning was that when a high-value target downloads a security update for package foo, an adversary knows that they are still using a vulnerable version of foo and can try to attack before the security update has been installed.
In this specific case, TLS is not of much use though. If the target downloads 4.7 MiB right after a security update with 4.7 MiB has been released, or downloads from security.debian.org, it's still obvious what's happening. Even padding won't help much as the 5 MiB download will also be suspicious. The mere act of downloading anything from the mirrors after an update has been released is reason enough to try an attack.
The solution is, of course, Tor.
This paper has one goal:
Create an easy to use, fully redundant platform for virtual servers.
Oh, and do have fun!
virt-back is a Python application that uses the libvirt API to safely shut down, gzip, and restart guests.
The backup process logs to syslog for auditing and virt-back works great with cron for scheduling outages. Virt-back is in active development so feel free to give suggestions or branch the source.
virt-back has been placed in the public domain and the latest version may be downloaded here: https://bitbucket.org/russellballestrini/virt-back
Installation:
The FRench SysAdmins Group (FRsAG) is a group for exchanging information, techniques, and advice among French-speaking system administrators and technical architects.
A thread on the Ubuntu-devel-discuss mailing list last month asked about how to find out what processes are making outgoing network connections on a Linux machine. It referenced Ubuntu bug 820895: Log File Viewer does not log "Process Name", which is specific to Ubuntu's iptables logging of apps that are already blocked in iptables ... but the question goes deeper.
Several years ago, my job required me to use a program -- never mind which one -- from a prominent closed-source company. This program was doing various annoying things in addition to its primary task -- operations that got around the window manager and left artifacts all over my screen, operations that potentially opened files other than the ones I asked it to open -- but in addition, I noticed that when I ran the program, the lights on the DSL modem started going crazy. It looked like the program was making network connections, when it had no reason to do that. Was it really doing that?
Backup:
MBR: dd if=/dev/hda of=backup-hda.mbr count=1 bs=512
Extended partitions: sfdisk -d /dev/hda > backup-hda.sf
Recover:
dd if=backup-hda.mbr of=/dev/hda
sfdisk /dev/hda < backup-hda.sf