Archive for May 30, 2009

IPv6 Has a Business Case

According to a Network World article, business incentives are completely lacking today for upgrading to IPv6, the next generation Internet protocol, according to a survey of network operators conducted by the Internet Society (ISOC).

In the report, ISOC says that ISPs, enterprises and network equipment vendors report that there are “no concrete business drivers for IPv6.” However, survey respondents said customer demand for IPv6 is on the rise and that they are planning or deploying IPv6 because they feel it is the next major development in the evolution of the Internet. All of the ISOC survey respondents said they are planning for IPv6, and most have begun deployment.

IPv6 deployment remains spotty, even for organizations committed to the technology, the survey found. When asked how they were deploying IPv6, a little over half said they were deploying IPv6 on parts of their network rather than their whole network. Several respondents said they envision parts of their networks never operating with IPv6.

What’s driving network operators to IPv6 is demand from customers rather than IPv4 address depletion, the survey found. Almost half of the respondents report customer pressure to migrate to IPv6. Fewer respondents indicated a need for additional address space or the desire for simpler addressing or less complexity on their networks.

According to the survey, 77% of the respondents are using dual-stack, running IPv4 and IPv6 side-by-side. 45% of respondents used some kind of tunneling to implement IPv6 on top of their existing IPv4 networks. However, tunneling was largely viewed as a temporary measure that either had been phased out or would be phased out in the near future, including when their upstream networking provider offered native IPv6 service. 45% of respondents stated that they had part of their network running a native IPv6 deployment.

More than half of the survey respondents said that additional address space is the primary motivator for IPv6. Network operators put less weight on the auto-configuration, built-in security and mobility features that are found in IPv6.

rb-

The Network World article misses the point. The Network World article does note that ISOC contacted 90 members and only twenty-two organizations responded, for a response rate of less than 25%, not the best body of work to declare there is no business reason to deploy IPv6. Experts predict IPv4 addresses will be gone by 2012. At that point, all ISPs, government agencies and corporations will need to support IPv6 on their backbone networks. IP addresses are like crude oil: there is only so much of it around. Scarce resources cost more as the resource pool decreases.

Twitter Security

Updated 07-11-2009: MessageLabs has reported an explosion in spam messages that include short URLs. In an article at CNET, Matt Sergeant, a senior antispam technologist at MessageLabs, said, “Usually when we see a spike of this nature it tends to indicate that a spammer has found some method of automating the creation of these short URLs.”

The whole world can now follow me on Twitter. I signed up a couple of weeks ago and have been beta testing it on myself on a disposable Gmail account. What bothers me the most about Twitter is its use of TinyURLs. One of the first rules in web-based self-defense is to know where you are going, and TinyURLs totally remove that option. No wonder phishing scams are popular on the service.

According to Wikipedia, TinyURL is a web service that provides short aliases for redirection of long URLs. Kevin Gilbertson, a web developer, launched the service in January 2002 so that he would be able to link directly to newsgroup postings, which frequently had long and cumbersome addresses.

I have now installed the Firefox add-on LongURL Mobile Expander by Sean Murphy. The blurb on the Firefox add-on page says LongURL Mobile Expander uses the LongURL.org web services to let you know where shortened links *really* go. In a Firefox window, the actual URL is displayed while you hover the cursor over the TinyURL so that you can be sure you want to go to www viruii com / infectme.

Energy Star for Servers Released

The U.S. Environmental Protection Agency released an Energy Star specification for computer servers on May 15, 2009. This new specification, which covers standalone servers with one to four processor sockets, is in part a reaction to estimates that by 2011, IT equipment is expected to account for 3 percent of all U.S. electricity consumption, according to the EPA. Andrew Fanara of the Energy Star product development team helped spearhead the process of getting a spec for servers told DataCenter News. “EPA believes this new server spec is an important first step to help attract attention to the need and opportunity to reduce cost and save energy in federal data center facilities, especially during a time of tight budgets,” Fanara told GCN.

The new specification includes:

  • Power supply efficiency requirements which should increase efficiency and reduce waste heat
  • Power consumption limits for when the server is idle
  • Single-socket servers are limited to 60 watts
  • 2-3 socket servers are limited to 151-221 watts
  • Allowances for additional installed components
  • Power and performance data sheet detailing power consumption in a common format
  • Ability to report energy-related statistics to data center management software.

Vendors Respond - Major server manufacturers are already submitting their products for Energy Star approval. HP says that two of its most popular servers, the DL360 and DL380 G6, are now Energy Star compliant, with more servers to be added to the list soon. IBM’s next-generation Power6 processor has power management abilities that let it drop down to a 100-watt level. Sun Microsystems has been touting the energy efficiency of its UltraSparc T1 “Niagara”-based servers for quite a while. The Niagara CPU typically uses 72 watts of power at 1.4 GHz. Jay Dietrich, program manager at IBM’s corporate environmental affairs group, told GCN, “Overall, we think that there has been good progress on the server requirements, and we think EPA has done some good work in getting that specification focused on the issues.” Not to be left out, Dell launched an energy-efficient server line in December. Dell touts its PowerEdge Energy Smart 1950 III and 2950 III servers as the Dell green alternatives.

Criticism - The new Energy Star criteria have their critics. The biggest complaint is that a qualifying server need only demonstrate energy efficiency when it’s idle: powered on but doing no work. This is the equivalent of comparing the miles per gallon of a Hummer and a Prius sitting at a stop light. Both use a similar amount of fuel idling, not going anywhere. Many argue that the amount of energy spent idling is less important than how many miles per gallon the vehicle gets while driving, doing its work. However, firms are becoming increasingly aware of this issue and are addressing it. Organizations are deploying virtualization to eliminate underutilized servers and get as much performance per watt as possible from their hardware. In most IT organizations there are underutilized servers which spend a great deal of time idling, so idle server power consumption is relevant but not the whole story. Servers are not like desktop or laptop computers because they are not meant to be idle. Instead, they are designed to be highly utilized and available. “A heavily utilized server is much more energy effective than a small server running at very low utilization rates,” Albert Esser, vice president of data center infrastructure at Dell, told GCN.

Subodh Bapat, a distinguished engineer at Sun, explained to Data Center News another drawback to the program: It doesn’t take into account how many cores per processor a machine has. “The fact is, when you go from a server that has four processors with two cores each to two processors with four cores each, you save energy. That’s not recognized by the spec,” he said. “If you’re shipping a server with one processor, it doesn’t matter if you have one core or two cores or four or eight. You still get the same idle power allowance. There’s no benefit for the fact that you can do, say, eight times work with a fewer number of watts.”

“This is a great first step, but it’s not a complete spec,” says Bapat. “It’s a good start toward finding out which servers are better than others on an energy basis.” Bapat wasn’t entirely critical about the Energy Star program for servers. For example, a compliant server must be capable of measuring real-time environmental data. “Transparency is always a good thing. Energy Star requires the ability to report power consumption data pretty much across the range of utilization and at all times that the server is on. If you want to know how much [power is being consumed], you should be able to ask it and it should tell you. That’s a very useful feature.”

EPA Responds - The Tier 2 Energy Star specification, which will cover servers with more than four processor sockets, blade servers and fault-tolerant machines, is expected in October 2010. The Tier 2 spec will also define a metric that compares server performance with energy consumption. EPA’s Fanara speculates that finding the magic numbers could take a while. The EPA is developing an Energy Star spec for data center facilities and is collecting data from volunteering data centers now. Fanara said his group also hopes to have a framework document for an Energy Star for data storage equipment out in June 2009.

rb-

I agree with Sun’s Bapat that the current version of the Energy Star requirements for servers is a good first step. Just like any 1.0 version release, there is still a lot of work to be done.

Energy Star was introduced by EPA in 1992 as a voluntary program to reduce greenhouse gas emissions through energy efficiency. The Energy Star label can be found on more than 50 different kinds of products, new homes and commercial and industrial buildings. Energy Star is the EPA labeling program designed to help consumers pick out energy-efficient products. If a manufacturer qualifies its product, it can place an Energy Star label on it, and the product information can also be displayed on the manufacturer’s and the Energy Star Web site.

Server Sprawl Continues

Data Center Knowledge reports an interesting survey from Netcraft, where the firm has developed a technique for identifying the number of computers (rather than IP addresses) acting as web servers on the internet, and attributes these computers to hosting locations through reverse DNS lookups. This provides an independent view with a consistent methodology worldwide on the numbers of web servers, the rate of growth over time, and the operating systems and web server technology used at each hosting company worldwide.

Through an analysis of public reports and the Netcraft server count report, Data Center Knowledge developed a list of organizations with a large number of servers. Here are some of the largest:

The Data Center Knowledge article goes on to speculate on the degree of server sprawl at some of the more secretive firms:

  • Google: There’s a widely circulated estimate of 450,000 servers, but that number is at least three years old. If it was ever accurate, it certainly isn’t anymore, given Google’s data center building spree. Google’s recently revealed container data center holds more than 45,000 servers, and that’s a single facility built in 2005.
  • Microsoft: There’s actually some numbers on Microsoft’s server count, but it’s also dated. Screen shots from the company’s data center management software suggest that Microsoft was running about 218,000 servers in mid-2008. The company’s new Chicago container farm will hold up to 300,000 servers, so the count will change rapidly when that facility is deployed.
  • Amazon: Amazon says very little about its data center operations, but we know that it bought $86 million in servers from Rackable in 2008, and stores 40 billion objects in its S3 storage service.
  • eBay: With more than 160 million active users between its online auction house and PayPal payment service, and 443 million users on Skype, eBay has a massive data center infrastructure. The company houses more than 8.5 petabytes of data in huge data warehouses. We’re not certain what kind of server count this requires, but it’s certainly in the 50,000 club.
  • Yahoo: The third major search portal likely has more than 50,000 servers in operation to support its large free hosting operation as well as its paid hosting service and Yahoo Stores.
  • GoDaddy: It’s the world’s largest domain registrar with more than 35 million domains under management, but effective cross-selling of its hosting plans has also made GoDaddy one of the largest shared hosting operations in the world. Its infrastructure is probably similar in scope to that of 1&1 Internet.
  • HP/EDS: While server “ownership” is less distinct with system integrators, EDS has an enormous data center operation. Company documents say EDS is managing 380,000 servers in 180,000 data centers.
  • IBM: With more than 8 million square feet of data center space, IBM also houses an enormous number of servers in its data centers, both for itself and its customers.
  • Facebook: Facebook says only that it has more than 10,000 servers, but it’s been saying that since April 2008 and it’s now serving 200 million users and hosting at least 40 billion photos. Facebook is clearly way beyond 10,000 servers.

Lessons From Botnet Demise

Brian Krebs on the Washington Post blog Security Fix profiled a case where a bot-herder killed 100,000 zombie clients in his botnet. The bot-herder used a “kill operating system” or kos command resident in the Zeus botnet crimeware. The kos command caused the infected PCs to Blue Screen of Death (BSOD). The Madrid-based security services firm S21sec reports that invoking the kos command only results in a blue screen and subsequent difficulty booting the OS. There appears to be no significant data loss, and neither the Trojan binaries nor the start-up registries are removed. In this post they examine what happens to an infected computer when it receives a Zeus kos

The Zeus crimeware was designed by the Russian A-Z to harvest financial and personal data from PCs through the use of a Trojan. UK computer security firm Prevx found the Zeus crimeware available for just $4,000. The fee includes a DIY “exe builder” which incorporates a kernel-level rootkit. According to Prevx, this means it can hide from even the most advanced home or corporate security software. RSA detailed the capabilities of Zeus crimeware in 2008. Zeus also includes advanced “form injection capabilities” allowing it to modify web pages displayed by web sites as they are served on the user’s PC. For example, criminals can add an extra field or fields to a banking web site asking for credit card numbers, social security numbers, etc., making it look like the bank is asking you for this data after you have logged on and you believe you are securely connected to your bank.

rb-

The reason for BSODing 100,000 machines isn’t quite clear, but several security experts have offered up their opinions, including S21sec and Zeustracker (currently down due to an apparent DDoS). What is clear are the implications of this action. Botnets and their related crimeware are dangerous for more and more reasons. They can steal massive amounts of personal data, they can launch denial-of-service attacks and they can execute code. I agree with Krebs that one of the scarier realities about malicious software is that these programs leave ultimate control over victim machines in the hands of the attacker.

For the time being, it is still in the best interests of the attackers to leave the compromised systems in place to plunder more information. However, imagine the social chaos created if 9 million PCs infected with Conficker, including hospitals from Utah to the UK, were under the control of Al-Qaeda or other similarly minded groups. These politically motivated attackers could order all of the infected machines to BSOD, creating computer-enhanced chaos. One of the forgotten lessons of 9-11 is that our technology can be hijacked and turned against us. This could be the opening into a new type of cyber warfare.
