Monthly Archives: August 2015

Breach Recovery Costs More in Virtual Environments

31 August 2015

Businesses pay nearly double to recover from a security breach if a virtual infrastructure is affected during a cyber-attack, according to a new survey of 5,500 companies released by security specialist Kaspersky Lab in cooperation with market research firm B2B International. It doesn’t matter if the company is a large enterprise or a small and midsize business (SMB)—recovering from a security breach involving a virtual infrastructure will result in much higher costs than a security breach in a physical infrastructure. Kaspersky Lab attributes the higher cost to the majority of businesses using virtual environments for their most critical business processes. Security breaches in virtual environments also require additional cost for third-party expertise. Also, many businesses believe that security risks are lower in virtual environments and, often, don’t deploy security solutions designed for virtual environments. This opens up opportunities for service providers to help their customers lower their overall risks in virtual environments through education and new solutions. Here are 15 reasons why this is vital.

Source: Linux and Unix Nieuws. Read the complete article here: http://www.channelinsider.com/security/slideshows/breach-recovery-costs-more-in-virtual-environments.html/

Hands on with Windows Server 2016 Containers

31 August 2015

First Look: Microsoft has released Technical Preview 3 of Windows Server 2016, including the first public release of Windows Server Containers, perhaps the most interesting new feature.

A container is a type of virtual machine (VM) that shares more resources than a traditional VM.

“For efficiency, many of the OS files, directories and running services are shared between containers and projected into each container’s namespace,” said Azure CTO Mark Russinovich.

Containers are therefore lightweight, so you can run more containers than VMs on a host server. They are also less flexible. Whereas you can run Linux in a VM running on Windows, that idea makes no sense for a container, which shares operating system files with its host.

Containers have existed for a long time on Unix-like operating systems, but their usage for application deployment increased following the release of Docker as an open source project in early 2013.

Docker provides a high-level API and tools for managing and deploying Linux container images, and Docker Hub is a public repository of container images.

The popularity of Docker has helped to promote a distinctive approach to application deployment, where developers focus on creating container images which can be deployed multiple times.

The live instances are disposable, and you update an application by updating and redeploying the images. Each image may implement a relatively small piece of functionality, which fits well with a style of software architecture called microservices.

Containers are now a Windows Server feature

Windows developers have missed out on the container fun, but Microsoft is putting that right in Server 2016 and on its Azure cloud platform. Container support is now

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/31/hands_on_with_windows_server_2016_containers/

Hardened Linux stalwarts Grsecurity pull the pin after legal fight

28 August 2015

The gurus behind the popular and respected Linux kernel hardening effort Grsecurity will stop providing free support for their stable offering. In future, only paying sponsors will get stable patches to shore up their kernels’ defenses.

The public stable patches will not be distributed beyond the next two weeks in response to an expensive and lengthy court case between the small outfit and a “multi-billion dollar” corporation which it says flagrantly infringed its rights. Beta-test-grade patches will still be available for all.

Grsecurity man Brad Spengler says he has “had enough” of the embedded device industry ripping off his company’s efforts, trashing its trademarks, and breaching the source code’s open-source GPL license, without donating “a single dime.”

The straw that broke the camel’s back was a face-off in which Spengler says “a multi-billion dollar corporation had made Grsecurity a critical component of their embedded platform.”

Spengler’s got no problem with that, but is concerned “… they’re using an old, unsupported kernel and a several year old, unsupported version of grsecurity that they’ve modified.” That gets Spengler’s goat, because he thinks it is typically slack practice “for the embedded Linux industry, seemingly driven by a need to mark a security checkbox at the lowest cost possible. So it’s no surprise that they didn’t bother to hire us to perform the port properly for them or to actively maintain the security of the kernel they’re providing to their paid customers.”

But Spengler can’t tolerate the fact “the aforementioned company has been using the grsecurity name all over its marketing material and blog posts to describe their backported, unsupported, unmaintained version in a version of Linux with other code modifications that haven’t been evaluated by us for security impact.”

“Simply put, it is NOT grsecurity – it doesn’t meet our standards and at the same time it

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/27/grsecurity/

DDN: Quicker storage access passes HPC buck to CPU makers

27 August 2015

Comment: At a DDN user group meeting in Frankfurt earlier this year, Alex Bouzari said high-performance computing (HPC) exhibits an enduring tug-of-war between compute and storage.

The co-founder and CEO of DataDirect Networks – which makes fast-access and capacious storage for supercomputing and HPC – speaks from the storage side of the struggle and is repeating a point of view held by many.

Applications running in this HPC world need immense CPU and data storage resources. Typically, sets of processors have parallel access to sets of storage nodes: fast CPUs making best use of slow-spinning disks.

Supercomputers and HPC installations were once compute-bound, with the run-time of apps featuring much more CPU time than IO time.

As supercomputers and HPC server processors became faster, the applications they ran moved into the IO-bound world. The application software spent more time waiting for IO than processing data. However, their users didn’t want to wait for storage arrays with serial IO access.

Parallel file systems, like IBM’s GPFS and Lustre, provided a popular way of enabling lots more access to storage resources … and the apps, now getting data faster, reverted to being compute-bound.

But Moore’s Law had its way and processors became even more powerful, with multi-threading, multiple cores, and multi-socket servers, shortening the CPU-run time for HPC apps and making them IO-bound once more. Which is where we are today.

Bouzari says the balance can be redressed by inserting a faster-than-disk, drop-in, solid-state tier between the compute servers and the storage nodes, effectively relegating the disk-based nodes to a backing store.

The new tier uses PCIe flash and NVMe drivers. This has similarities to an EMC DSSD (rack-scale flash storage) implementation at a University of Texas supercomputing centre, TACC.

The DDN idea has working set data in its five million IOPS WolfCreek devices, with their

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/27/bypassing_posix_in_the_serverstorage_io_equation/

Hardened Linux stalwarts grsecurity pull the pin after legal fight

27 August 2015

The gurus behind the popular and respected Linux kernel hardening service Grsecurity have decided to stop providing support for its stable offering.

Patches will cease in the next two weeks in response to an expensive and lengthy court case between the small outfit and a “multi-billion dollar” corporation which it says flagrantly infringed its trademark.

Grsecurity man Brad Spengler says he has “had enough” of the embedded device industry ripping off his company’s efforts, trashing its trademarks and breaching the GPL, without donating “a single dime”.

The straw that broke the camel’s back was an incident in which Spengler says “A multi-billion dollar corporation had made Grsecurity a critical component of their embedded platform.”

Spengler’s got no problem with that, but is concerned “… they’re using an old, unsupported kernel and a several year old, unsupported version of grsecurity that they’ve modified.” That gets Spengler’s goat, because he thinks it is typically slack practice “for the embedded Linux industry, seemingly driven by a need to mark a security checkbox at the lowest cost possible. So it’s no surprise that they didn’t bother to hire us to perform the port properly for them or to actively maintain the security of the kernel they’re providing to their paid customers.”

But Spengler can’t tolerate the fact “The aforementioned company has been using the grsecurity name all over its marketing material and blog posts to describe their backported, unsupported, unmaintained version in a version of Linux with other code modifications that haven’t been evaluated by us for security impact.”

“Simply put, it is NOT grsecurity – it doesn’t meet our standards and at the same time it uses our brand and reputation to further its marketing.”

“They are publishing a ‘grsecurity’ for a kernel version we never released a patch for.”

“We decided that it is unfair to our sponsors that

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/27/grsecurity/

Working in Windows 10 on a Mac via Parallels Desktop 11

25 August 2015

With Parallels Desktop 11, Mac users can work in Windows 10 and benefit from Cortana, Microsoft’s intelligent personal assistant, in both Windows and OS X. This is the very first time that Parallels Desktop makes a Windows feature available to OS X apps. Parallels Desktop 11 also provides experimental support for OS X El Capitan.



Parallels Desktop 11 for Mac lets users run a preview on Windows machines and use nested virtualization for both Windows and Linux guests. The professional edition is a new version of the software designed specifically for developers, designers and power users, giving them a set of powerful tools with which to maximize their productivity. The professional edition supports integration with popular developer tools such as Docker, Visual Studio (plug-in), Chef and Jenkins, Vagrant, guest OS debugging and network simulation.

The business edition of Parallels Desktop for Mac, formerly Parallels Desktop for Mac Enterprise Edition, offers all the features of the professional edition and gives IT administrators the most efficient way to let employees on a Mac work with Windows apps.

Source: Computable. Read the complete article here: http://www.computable.nl/artikel/producten/besturingssystemen/5545653/1277048/met-mac-in-windows-10-via-parallels-desktop-11.html

Security Vendor LightCyber Launches Channel Program

21 August 2015

LightCyber’s Active Breach Detection, only sold through the channel, looks at user behavior and known attack vectors to curtail potential security breaches.

Looking for partners that can help drive a new approach to managing security breaches, LightCyber unveiled a channel program aimed at solution providers that either already have or are looking to acquire additional security expertise.

Jason Matlof, executive vice president of LightCyber, said the LightCyber Channel Alliance program is designed to drive adoption of an Active Breach Detection offering to help make it faster and simpler for IT organizations to discover and isolate malware.

“Our assumption is that the organization has already been breached,” said Matlof. “We profile all the users and devices on the network to identify anomalous behavior.”

Sold only via the channel, the Active Breach Detection platform provides organizations with an alternative to using security information event management (SIEM) platforms to search through log files in the hope of discovering anomalies, Matlof said. In its place, the Active Breach Detection platform from LightCyber correlates user behavior with known attack vectors to identify potential security breaches faster and with a high degree of confidence.

One of the banes of IT security today, noted Matlof, is that many IT security products generate too many false positives. The end result is a continuous stream of alerts that the IT organization eventually starts to ignore because they end up wasting time on the IT security equivalent of a wild goose chase. Rather than generating alerts based on, for example, the existence of some type of binary file, the LightCyber Active Breach System correlates those events against known end-user behavior patterns.

To make it simpler to resell the Active Breach System or build a managed service around it, LightCyber provides access to a wealth of online training material that partners need to be certified on

Source: Linux and Unix Nieuws. Read the complete article here: http://www.channelinsider.com/security/security-vendor-lightcyber-launches-channel-program.html/

Hackers exploiting wide-open Portmap to amp up DDoS attacks

19 August 2015

Security watchers have warned about a new class of DDoS amplification attack threat which only exists because too many users are failing to follow basic safeguards.

Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the most high-profile of which battered Spamhaus and buffeted internet exchanges back in March 2013. Over recent weeks, another service – Portmap – has become a vector of DDoS attacks, US-based carrier Level 3 warned.

Attacks using the technique and monitored by Level 3 last week focused on gaming, hosting and internet infrastructure verticals.

Unlike DNS and NTP, Portmap has no business being exposed on internet-facing systems. Disabling or blocking internet-facing Portmap services using firewalls is trivial, but too many net admins have overlooked this well-understood practice, creating a resource which hackers can abuse.

Tod Beardsley, security engineering manager at Rapid7, the firm behind Metasploit, commented: “Portmap (port 111/UDP) used to be a common service on many UNIX-like distributions, including Linux and Solaris. To hear that it’s part of a ‘new DDoS’ attack is very disorienting, as Portmap attacks are by no means new.”

Portmap can still be useful in private, internal networks, but the technology is cleartext and essentially unauthenticated. So it’s really not the sort of thing you’d want to expose on the web even before considering the technology’s history of security vulnerabilities.

Global Portmap traffic grew by a factor of 22 when comparing the last seven days of June with the seven days ending August 12. This is still very small compared to other UDP services, but the big growth in traffic points to the service becoming a fashionable avenue for attacks.

Hosts that support Portmap in internet-facing connections are at risk of becoming unwitting accomplices in

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/19/portmap_ddos_threat/

CharTec Launches Relyenz Security Service for MSPs

10 August 2015

CharTec announced its new Relyenz division, which functions as a value-added distributor for security technologies delivered as a cloud service.

Looking to give managed services providers a much-needed hand in delivering security services, CharTec announced the launch of its new Relyenz division, which functions as a value-added distributor for IT security technologies delivered as a cloud service.

CharTec already provides MSP training and hardware-as-a-service (HaaS) offerings to solution providers. The new division extends those efforts into the realm of IT security services and support, said Leonard Dimiceli, vice president of marketing and sales for Relyenz.

“In addition to making it simpler to buy multiple IT security services, we’re providing MSPs with Tier 2 and Tier 3 support,” said Dimiceli. “We deliver everything through our CentralPoint portal.”

Most MSPs these days are hard-pressed to find IT security talent in a space where technology advances are rapid. As a result, MSPs are always faced with transitioning to new IT security technologies that they usually don’t have the internal expertise available to support.

Most MSPs are trying to support multiple IT security products in any given category, which can be costly. Relyenz will significantly lower the cost of switching between IT security products and services for the MSP, Dimiceli said.

As a result of a series of high-profile breaches, the awareness of IT security issues has never been higher. The downside of all that attention, however, is the fact that customers are insisting that MSPs be able to provide higher levels of security to gain or maintain their businesses. That puts the onus on MSPs to find and retain IT security experts that are in very short supply. Via Relyenz, multiple MSPs are effectively sharing the cost of acquiring IT security expertise in a way that doesn’t show up on their balance sheet as a full-time employee.

At this juncture,

Source: Linux and Unix Nieuws. Read the complete article here: http://www.channelinsider.com/security/chartec-launches-relyenz-security-service-for-msps.html/

Hyper-scaling multi-structured data? Let’s count the ways

10 August 2015

Comment: Hyperscaling storage for unstructured data, file and object silos is conceptually straightforward. You buy yourself commodity hardware and get parallel filesystem software or object software. Hyperscale block storage generally means buying a monster SAN. But what happens if you need to have hyperscale storage across block, file and object bases?

That’s when you need molluscoid magic; say hello to Ceph, InfiniDat ingenuity or ScaleIO’s scheme.

They would have to cope with four kinds of data:

  • Block, as classically used by databases and seen in storage area networks (SANs)
  • File, as used by the generality of applications with data located in folders containing files, stored either on local, directly-accessed storage (DAS) or network-attached storage (NAS or filers)
  • Object, with the object’s contents used to compute its address and locate it in a sea of connected object storage nodes
  • Unstructured data typically stored in Hadoop with multiple server nodes using the Hadoop Distributed File System (HDFS) and each running computations against its locally-stored data for parallel processing

As data grows and grows, storage systems scale to tens of nodes and then go into hyperscale territory with hundreds of nodes and exabyte-level capacities; this will do for a rough definition of hyperscale.

At hyperscale, normal storage structures can break down; traversing a file:folder structure with a billion files and a million folders, or more, can take an age in CPU cycle terms. A single and central metadata system becomes a choke point for access, a bottleneck that slows everything down. Some kind of parallelised, accelerated access is needed to thread your way through the metadata monster that controls access to the millions of data structures you have: files, objects, etc.

This is the service IBM’s Spectrum Scale, its rebranded GPFS (General Parallel File System) provides, and it’s what Isilon systems do with metadata cached in flash for faster access. If

Source: The Register. Read the complete article here: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/08/10/hyperscaling_multistructured_data/