Language Selection

English French German Italian Portuguese Spanish

User Mode Linux: Maximizing performance, jailing attackers

Filed under
Interviews

User Mode Linux (UML)has ideal security features for controlling and jailing hackers once they've taken the sweetened bait of a 'honeypot,' says User Mode Linuxauthor and project architect Jeff Dike. UML can log all terminal traffic to the host in a way that's invisible and impossible to interfere with from inside the UML unlike Xen and VMware.

Take a tour of UML with Dike as he offers best practices, explains how to boot from an empty jail, talks about jailing attackers and more.

What are some unique issues of server consolidation with User Mode Linux?

Jeff Dike: From my point of view, server consolidation doesn't differ greatly from any other virtualization workload. So, the advantages of UML apply here the same as in other areas.

One aspect of server consolidation that may distinguish it from other virtualization workloads is that the host administrator may not trust the UML administrators. In this case, the UML administrators won't have shell access on the host, and the host administrator will need to decide how they will be allowed to access their UMLs.

The easy solution is to allow only network access. But this will increase the support burden when UML owners make their UMLs inaccessible by misconfiguring their networks. In this case, allowing the equivalent of logging in on a hardwired terminal would be nice, so that the UML admins still have access to their UMLs and can fix the network themselves.

So how should host administrators determine access criteria for UML?

Full Story.

More in Tux Machines

Ubuntu 15.10 to Be Called Wily Werewolf

Mark Shuttleworth has just announced the name of the Ubuntu 15.10, the next iteration of the Linux distribution from Canonical, and it's Wily Werewolf. The founder of Canonical used to make these announcements on this personal blog, but he has chosen the Ubuntu Online Summit keynote to make this one. What's interesting about this particular name is the fact that it makes a full circle (almost) to the first Ubuntu release Ubuntu 4.10 (Warty Warthog), that dates back to October 2004. Read more Also: Mark Shuttleworth Promises Ubuntu Phone that Turns into PC This Year

Knoppix Topics: An interview with Linux pioneer Klaus Knopper

At this year’s CeBIT trade show in Hanover, Germany, Christopher von Eitzen sat down with Linux legend Klaus Knopper to discuss his popular Knoppix Linux distribution as well as Linux and accessibility in open source software. Designed to boot and run directly from a CD, DVD or USB flash drive without needing to be installed on a computer’s hard drive, Knoppix incorporates automatic hardware detection with support for a wide range of video and sound cards, USB devices and other peripherals and uses and on-the-fly decompression to run entirely in a computer’s memory. The CD version carries up to 2GB of executable software, while the single-layer DVD edition stores up to 10GB of data. The operating system can be used, for example, as a rescue system, to demonstrate Linux, as an educational CD, or installed directly to a system. Read more

LibreOffice 4.4.3 RC2 Is Out, Stable Version Should Arrive Very Soon

The Document Foundation has just announced that the second RC (Release Candidate) for the LibreOffice 4.4.3 branch has been released and is now available for download and testing. Read more