Vulnerabilities / Threats //

Insider Threats

9/9/2010
12:04 PM
50%
50%

Turnkey Linux Intros Amazon S3 Powered Backup

Open source facility also acts as a migration mechanism to quickly move or copy fully working systems in the cloud.




Slideshow: Amazon's Case For Enterprise Cloud Computing
(click for larger image and for full photo gallery)
TurnKey Linux Wednesday released a smart, fully automated open source-based backup and restore facility powered by the Amazon Simple Storage Service (S3) cloud.

TurnKey Linux Backup and Migration (TKLBAM) is based on Ubuntu 8.04.3, was designed to add flexibility to cloud computing, and requires no configuration, according to the Tel Aviv-based developer. The solution delivers speed, intelligence, and automation to migration in the cloud, as well as backup and restore functions, said Liraz Siri, company co-founder.

The solution knows what to back up and not back up to create encrypted archives of changes to files, databases, package management state, and even users and groups, he said. In addition, TKLBAM acts as a migration mechanism to move or copy fully working systems within minutes, Siri said.

"It would be so easy you would, shockingly enough, actually test your backups. No more excuses. As frequently as you know you should be, avoiding unpleasant surprises at the worst possible timing," he said.

Businesses can easily migrate to Ubuntu Lucid from Ubuntu Hardy; to a cloud server from a local deployment; to any virtual private server from a cloud server; to bare metal from a virtual machine; to Debian from Ubuntu; and to 64-bit from 32-bit, according to TurnKey Linux. To accomplish this, TKLBAM is a vertically integrated backup solution with system-level awareness, and knows which configuration files have been changed and which remain untouched since installation. The technology leverages the package-management system to get the appropriate system binaries from package repositories, a process that prevents the waste of backup space, the company said.

"[The tool protects] you from all the small paper-cuts that conspire to make restoring an ad-hoc backup such a nightmare," said Siri. "It would transparently handle technical stuff you'd rather not think about like fixing ownership and permission issues in the restored file system after merging users and groups from the backed up system."

To address security concerns, TKLBAM lets administrators use strong cryptographic passphrase protection -- including countermeasures against dictionary attacks -- for their encryption key, but also allows administrators to create an escrow key in the case of password loss. Since not all information requires such security, the tool enables key management tasks to happen transparently, according to TurnKey Linux.

AES encrypted backup volumes automatically are uploaded to the closest cost-effective, durable cloud storage. These cloud storage systems are designed to deliver 99.999999999% uptime, the company said.

"We took our ideal and we made it work. In fact, we've been experimenting with increasingly sophisticated prototypes for a few months now, privately eating our own dog food, working out the kinks. This stuff is complex so there may be a few rough spots left, but the foundation should be stable by now," Siri said.

In the future, TKLBAM will support PostgreSQL, LAPP, and OpenBravo; currently, it only supports MySQL. Other developments on the horizon include built-in integration of TKLBAM into all TurnKey appliances, and a custom webmin module for TKLBAM, according to TurnKey Linux.

A video of the system in action is available on YouTube.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.