Language Selection

English French German Italian Portuguese Spanish

User Mode Linux: Maximizing performance, jailing attackers

Filed under
Interviews

User Mode Linux (UML)has ideal security features for controlling and jailing hackers once they've taken the sweetened bait of a 'honeypot,' says User Mode Linuxauthor and project architect Jeff Dike. UML can log all terminal traffic to the host in a way that's invisible and impossible to interfere with from inside the UML unlike Xen and VMware.

Take a tour of UML with Dike as he offers best practices, explains how to boot from an empty jail, talks about jailing attackers and more.

What are some unique issues of server consolidation with User Mode Linux?

Jeff Dike: From my point of view, server consolidation doesn't differ greatly from any other virtualization workload. So, the advantages of UML apply here the same as in other areas.

One aspect of server consolidation that may distinguish it from other virtualization workloads is that the host administrator may not trust the UML administrators. In this case, the UML administrators won't have shell access on the host, and the host administrator will need to decide how they will be allowed to access their UMLs.

The easy solution is to allow only network access. But this will increase the support burden when UML owners make their UMLs inaccessible by misconfiguring their networks. In this case, allowing the equivalent of logging in on a hardwired terminal would be nice, so that the UML admins still have access to their UMLs and can fix the network themselves.

So how should host administrators determine access criteria for UML?

Full Story.

More in Tux Machines

solydxk Ready for the transition and new ISOs

The team has been toiling night and day to make the transition to Debian Jessie and Debian Wheezy as smooth as possible for you. Everything is ready and you should now be able to upgrade. If you experience connection problems while attempting to upgrade this is probably due to a request overload of our server. Just wait a bit and try later. Read more

GNU/Linux Grows Well In Argentina

A government announces a programme to distribute GNU/Linux to schools and it takes a few years to roll out. Read more

Oracle Releases Node.js Tools

Back at its OpenWorld event in 2014, Oracle announced it was working on a Node.js driver for its database products. The resulting code was released last week, as open source code with an Apache 2.0 license. The driver is now available from GitHub, and includes tools for working with JavaScript objects and arrays, and for translating between Oracle and JavaScript data types. It’s designed to handle transactions, and to work with Oracle’s built-in scaling tools. This includes the ability to quickly end transactions in the event of server failures – allowing Node.js applications to quickly failover to another database, without losing user data. Read more

Samsung Galaxy Tab S Pro Might Be Soon Upon Us

Samsung has been pretty silent when it comes to tablets in the last few months. The Korean tech giant rolled out the Galaxy Tab Active at IFA 2014, but that was just a rugged, re-branded version of the Galaxy Tab 4 8.0-inch model. Read more