Language Selection

English French German Italian Portuguese Spanish

User Mode Linux: Maximizing performance, jailing attackers

Filed under
Interviews

User Mode Linux (UML)has ideal security features for controlling and jailing hackers once they've taken the sweetened bait of a 'honeypot,' says User Mode Linuxauthor and project architect Jeff Dike. UML can log all terminal traffic to the host in a way that's invisible and impossible to interfere with from inside the UML unlike Xen and VMware.

Take a tour of UML with Dike as he offers best practices, explains how to boot from an empty jail, talks about jailing attackers and more.

What are some unique issues of server consolidation with User Mode Linux?

Jeff Dike: From my point of view, server consolidation doesn't differ greatly from any other virtualization workload. So, the advantages of UML apply here the same as in other areas.

One aspect of server consolidation that may distinguish it from other virtualization workloads is that the host administrator may not trust the UML administrators. In this case, the UML administrators won't have shell access on the host, and the host administrator will need to decide how they will be allowed to access their UMLs.

The easy solution is to allow only network access. But this will increase the support burden when UML owners make their UMLs inaccessible by misconfiguring their networks. In this case, allowing the equivalent of logging in on a hardwired terminal would be nice, so that the UML admins still have access to their UMLs and can fix the network themselves.

So how should host administrators determine access criteria for UML?

Full Story.

More in Tux Machines

When A Computer Is Ready for the Junk Pile

HBO//Devious Maids S04E01 Online 2016. HBO//Pretty Little Liars S7 E2 Online 2016.

Windows 'Upgrade'

  • When A Computer Is Ready for the Junk Pile
    To that point, there was a report that a mail server failure in a large business office remained a mystery for two days until someone found an old Pentium II back in the corner of some obscure closet with a burned out power supply. It is reported that the Slackware/Debian/Red Hat machine had been plugging away as a mail server for a number of years, completely unattended. That’s feasible I suppose, but I further suppose that it’s a modern day parable about how open source can indeed, carry the day.
  • Microsoft draws flak for pushing Windows 10 on PC users
    With about a month left for many PC users to upgrade to Windows 10 at no charge, Microsoft is being criticized for its aggressive — some say too aggressive — campaign to get people to install the new operating system.
  • Microsoft forks out thousands over forced Windows 10 upgrade
    Microsoft has had to pay a Windows user in California US$10,000 over a forced upgrade to Windows 10, according to a report in the Seattle Times. The user, Teri Goldstein, runs a travel agency in Sausalito, a San Francisco Bay Area city in Marin County, California.
  • A lawsuit over an unwanted Windows 10 upgrade just cost Microsoft $10,000
    Microsoft recently paid a (very small) price for its Windows 10 upgrade tactics, and that was before they became increasingly aggressive.
  • Updategate: California woman awarded $10,000 for borked Windows 10 upgrade
    A CALIFORNIA woman has set a precedent after a court ruled that she was entitled to damages over the installation of Windows 10 on her machine. Teri Goldstein, a travel agent, testified that the new operating system had auto-downloaded, started to install, failed, and left her Windows 7 computer running painfully slowly and often unusable for days. "I had never heard of Windows 10," Goldstein told reporters. "Nobody ever asked me if I wanted to update."
  • Microsoft pays out $10,000 for automatic Windows 10 installation
    Company withdraws appeal leaving it liable for $10,000 compensation judgment after botched automatic upgrade of travel agent’s computer
  • Microsoft Pays Woman $10,000 Over Its Forced Windows 10 Upgrade
    As a result of a legal suit, Microsoft has paid a woman $10,000 over the forced Windows 10 upgrade.
  • 'I urge everyone to fight back' – woman wins $10k from Microsoft over Windows 10 misery
    A California woman has won $10,000 from Microsoft after a sneaky Windows 10 update wrecked the computer she used to run her business. Now she's urging everyone to follow suit and "fight back." Teri Goldstein – who manages a travel agency in Sausalito, just north of San Francisco – told The Register she landed the compensation by taking Microsoft to a small claims court. Rather than pursue a regular lawsuit, she chose the smaller court because it was better suited to sorting out consumer complaints. Crucially, it meant Microsoft couldn't send one of its top-gun lawyers – or any lawyer in fact: small claims courts are informal and attorneys are generally not allowed. Instead, Redmond-based Microsoft had to send a consumer complaints rep to argue its case.

Canonical Releases New Kernel Update for Ubuntu 12.04 LTS and Ubuntu 14.04 LTS

We reported the other day that Canonical released a major kernel update for its Ubuntu 16.04 LTS (Xenial Xerus) operating system, and it appears that it also affected users of the Ubuntu 15.10 (Wily Werewolf) distribution. Read more

This programmable, open source outlet can do things that off-the-shelf smart plugs can't

Excited by the idea of an open-source, Arduino-based outlet, capable of remotely controlling your various household devices? If so, you’ll definitely want to check out the Portlet: a versatile portmanteau of “portable” and “outlet,” which — despite only consisting of 4 buttons and a simple 2×15 character LCD screen — can be programmed to do everything from switching your lights on at a certain time to keeping your coffee heated at the perfect temperature. Read more