Vulnerabilities / Threats // Insider Threats
9/9/2010
12:04 PM
Connect Directly
RSS
E-Mail
50%
50%

Turnkey Linux Intros Amazon S3 Powered Backup

Open source facility also acts as a migration mechanism to quickly move or copy fully working systems in the cloud.




Slideshow: Amazon's Case For Enterprise Cloud Computing
(click for larger image and for full photo gallery)
TurnKey Linux Wednesday released a smart, fully automated open source-based backup and restore facility powered by the Amazon Simple Storage Service (S3) cloud.

TurnKey Linux Backup and Migration (TKLBAM) is based on Ubuntu 8.04.3, was designed to add flexibility to cloud computing, and requires no configuration, according to the Tel Aviv-based developer. The solution delivers speed, intelligence, and automation to migration in the cloud, as well as backup and restore functions, said Liraz Siri, company co-founder.

The solution knows what to back up and not back up to create encrypted archives of changes to files, databases, package management state, and even users and groups, he said. In addition, TKLBAM acts as a migration mechanism to move or copy fully working systems within minutes, Siri said.

"It would be so easy you would, shockingly enough, actually test your backups. No more excuses. As frequently as you know you should be, avoiding unpleasant surprises at the worst possible timing," he said.

Businesses can easily migrate to Ubuntu Lucid from Ubuntu Hardy; to a cloud server from a local deployment; to any virtual private server from a cloud server; to bare metal from a virtual machine; to Debian from Ubuntu; and to 64-bit from 32-bit, according to TurnKey Linux. To accomplish this, TKLBAM is a vertically integrated backup solution with system-level awareness, and knows which configuration files have been changed and which remain untouched since installation. The technology leverages the package-management system to get the appropriate system binaries from package repositories, a process that prevents the waste of backup space, the company said.

"[The tool protects] you from all the small paper-cuts that conspire to make restoring an ad-hoc backup such a nightmare," said Siri. "It would transparently handle technical stuff you'd rather not think about like fixing ownership and permission issues in the restored file system after merging users and groups from the backed up system."

To address security concerns, TKLBAM lets administrators use strong cryptographic passphrase protection -- including countermeasures against dictionary attacks -- for their encryption key, but also allows administrators to create an escrow key in the case of password loss. Since not all information requires such security, the tool enables key management tasks to happen transparently, according to TurnKey Linux.

AES encrypted backup volumes automatically are uploaded to the closest cost-effective, durable cloud storage. These cloud storage systems are designed to deliver 99.999999999% uptime, the company said.

"We took our ideal and we made it work. In fact, we've been experimenting with increasingly sophisticated prototypes for a few months now, privately eating our own dog food, working out the kinks. This stuff is complex so there may be a few rough spots left, but the foundation should be stable by now," Siri said.

In the future, TKLBAM will support PostgreSQL, LAPP, and OpenBravo; currently, it only supports MySQL. Other developments on the horizon include built-in integration of TKLBAM into all TurnKey appliances, and a custom webmin module for TKLBAM, according to TurnKey Linux.

A video of the system in action is available on YouTube.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2963
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

CVE-2014-3310
Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

CVE-2014-3311
Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

CVE-2014-3315
Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

CVE-2014-3316
Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.