Dec 19

A very neat article that outlines part of the process that makes it quite difficult to track and identify the Spammers etc.

Fast Flux DNS and the Online Black Economy
As much as I hate hackers, there is a certain amount of heart-felt respect I have for them. Despite their intentions, their technical ability is at times simply astonishing. It seems nowadays that more and more hackers are becoming astute business people in one of the toughest environments imaginable; and they’re achieving this through creating worldwide botnets, with the nerve centre hidden using a technique known as ‘fast-flux DNS.’

However firstly, the business acumen of these people seems to be something of growing significance. They have created pricing structures to sell off credit card details to bank account information to anyone who might be interested. Furthermore they cover their tracks through money laundering tens of thousands of dollars through bank accounts of vulnerable targets such as businesses in serious debt. The thing that is of interest though is the fact that their business network is loosely coupled, with relationships being built up and torn down in a very short space of time, making them very difficult to track.

So with the online black economy growing, how do the kingpins structure their empires? One of the most prevalent worms in 2007 has been Storm. Rearing its ugly head on January 17, it’s compromised countless systems from personal PCs, to business, government, education, and even military computers. The success of the worm has partially been due to a diverse hacker developer base who find new ways to create releases that side-step improvements to a system’s security. Essentially the technical and business model operates in the following way:

Botnet

Traditionally the botnets have been designed to receive commands from the Botnet Herder through IRC networks. From the defender’s point of view, this single point of weakness has been relatively simple to disable, hence bringing down the threat quite easily.

However the growing trend now is to use what’s called Fast-Flux DNS (this is broken down further into Single-flux and Double-flux). The idea behind fast-flux is to register a domain name, which resolves to a host that changes as quickly as every three minutes. This is achieved through a combination of Round Robin DNS, with a very short TTL. From a defender’s point of view it’s a nightmare, as you could be chasing down a certain IP, the DNS switches, and you’re no longer dealing with a valid host.

Logically, you’d then assume that the single point of weakness would move to the domain registrar, and you could simply take down the domain. Unfortunately registrars are somewhat reserved in pulling down the name, as pulling down a valid site would spell catastrophe for them in terms of support calls from the owner of the domain, and the serious threat of severe legal action.

more at source… Geekswithblogs.net

written by dcaddick
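
An added example, not part of the quoted article or the blog post: a defender-side heuristic for the pattern the excerpt describes, round-robin answers with a very short TTL whose address set keeps changing. The observation records, the thresholds and the /24 grouping (standing in for an ASN lookup) are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed passive-DNS observations: (unix_time, qname, ttl_seconds, A records).
# All names and addresses are made up for this example.
OBSERVATIONS = [
    (0,   "flux.example", 180, ["10.1.1.5", "10.2.7.9"]),
    (180, "flux.example", 180, ["10.3.4.4", "10.4.8.1"]),
    (360, "flux.example", 180, ["10.5.2.2", "10.1.1.5"]),
    (540, "flux.example", 180, ["10.6.9.9", "10.7.3.3"]),
    # Ordinary round robin: short TTL, but the same three hosts, only reordered.
    (0,   "rr.example", 60, ["192.0.2.10", "192.0.2.11", "192.0.2.12"]),
    (180, "rr.example", 60, ["192.0.2.11", "192.0.2.12", "192.0.2.10"]),
    (360, "rr.example", 60, ["192.0.2.12", "192.0.2.10", "192.0.2.11"]),
    # Long TTL, single stable host.
    (0,   "static.example", 86400, ["198.51.100.20"]),
    (540, "static.example", 86400, ["198.51.100.20"]),
]

@dataclass
class FluxReport:
    max_ttl: int        # highest TTL seen for the name
    distinct_ips: int   # size of the accumulated answer set
    distinct_nets: int  # distinct /24s (assumed proxy for distinct networks)
    churn: float        # share of follow-up lookups that returned an unseen IP
    suspicious: bool

def analyse(observations, ttl_limit=300, min_ips=5, min_nets=4, min_churn=0.5):
    """Group IPv4 answers per name and flag short-TTL names whose hosts keep changing."""
    by_name = defaultdict(list)
    for ts, name, ttl, addrs in observations:
        by_name[name.lower().rstrip(".")].append((ts, ttl, addrs))
    reports = {}
    for name, rows in by_name.items():
        rows.sort(key=lambda r: r[0])          # process lookups in time order
        seen, nets, fresh_rounds = set(), set(), 0
        for i, (_, _, addrs) in enumerate(rows):
            fresh = {ip_address(a) for a in addrs} - seen
            if i > 0 and fresh:                # first lookup is the baseline
                fresh_rounds += 1
            seen |= fresh
            nets |= {ip_network(f"{a}/24", strict=False) for a in fresh}
        churn = fresh_rounds / (len(rows) - 1) if len(rows) > 1 else 0.0
        max_ttl = max(ttl for _, ttl, _ in rows)
        # A short TTL alone also matches plain round robin, so require
        # a growing, widely spread address set as well.
        suspicious = (max_ttl <= ttl_limit and len(seen) >= min_ips
                      and len(nets) >= min_nets and churn >= min_churn)
        reports[name] = FluxReport(max_ttl, len(seen), len(nets), churn, suspicious)
    return reports

if __name__ == "__main__":
    for name, rep in analyse(OBSERVATIONS).items():
        print(name, rep)
```

Only the first name is flagged: the round-robin name has an equally short TTL but never introduces a new address, which is why TTL on its own is not used as the signal.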

Dec 17

I found this article today at CIO via an article at Doug Brown’s site www.dabcc.com and thought it too good to just post the quote. This is exactly why Virtualization is shaking up the IT market so much - it has the capacity to drastically change the way you think about "Flexibility" and "Agility".

Being able to provision on the fly in 30 minutes or so doesn’t hurt either - and it’s this very reason that makes concepts like VDI seem so very attractive.

Virtualization at Warp Speed: How One Company Made it Fly

Want to virtualize 95 percent of your production servers within a year? Vincent Biddlecombe did. Here’s how the CTO of logistics company Transplace went from having no virtualization expertise in house to running the company’s mission-critical app on a VM.

By Laurianne McLaughlin

December 12, 2007 — CIO — Many CIOs wonder how far and how fast they can run with virtualization right now. Once you get an initial taste of the cost savings, flexibility, and speed of provisioning that server virtualization enables, you want to make a fast break for a larger victory. Vincent Biddlecombe, CTO of Transplace, doesn’t wonder anymore: He just completed an instructive sprint.

Since mid-2007, Biddlecombe has virtualized almost all the production servers at Transplace, a third-party transportation logistics provider. (The company helps customers such as retail chain stores maximize efficiency in their supply chain and shipping activities.) And he’s been running his company’s most critical application—a home-grown transportation system—on a VMware ESX environment for a month now, with no major hiccups.

By the way, Biddlecombe didn’t have any virtualization or VMware expertise in house among his 100 IT staffers when he started this project: "We were a Sun group," he says. To address this issue, he hired a consulting partner, Catapult Systems, to bring VMware knowledge to his group.

Timing is Everything

For Transplace, the 2007 sprint toward virtualization made sense on both a business level and a technology level, Biddlecombe says. The business desire: Transplace works with its customers via Software-as-a-Service (SaaS), so the company needs the best scalability, availability and manageability they can get for hosting customer data. Virtualization appealed for both disaster recovery and scalability reasons, Biddlecombe says. "We can simply add capability as we need it."

On the technology side, Transplace’s internal systems were due for a facelift. In early 2007, Transplace decided to move its production data center from the corporate office in Plano, Texas, to an offsite co-location facility in nearby Dallas. (Transplace also has a test/development and disaster recovery facility in Lowell, Ark.) At about this time, the company was due to upgrade its server hardware, Biddlecombe says, so it made sense to roll out the virtualization effort with that server upgrade.

For Transplace’s database applications, he switched from Sun servers (running Solaris) to IBM mid-range servers (p570 servers using the Power6 processor and running AIX). For Transplace’s middle-tier servers, he switched from Sun servers to Dell PowerEdge 2950 servers, using VMware’s ESX Server software for virtualization. (For storage, Transplace chose Network Appliance’s FAS 3070 storage systems.)

"We wanted to provide an environment where we could have maximum availability between our production and disaster recovery data centers," Biddlecombe says. "By using a combination of VMware with the storage, we’ve effectively copied our servers out to the disaster recovery center."

Today, Transplace’s production environment is almost completely virtualized, and Biddlecombe estimates it will be 95 percent virtualized by year’s end. That’s quite an achievement, says Burton Group research analyst Chris Wolf. "From my experience, organizations that are able to virtualize 40 percent of their servers in a year are doing really well," Wolf says.

In total, Biddlecombe’s IT group now runs about 110 VMs. In fact, the only significant applications that he’s not running on a VM right now are his Microsoft Exchange servers and SQL server databases—both known for being extremely I/O intensive. (They hog resources on physical servers to the point that it doesn’t make sense to virtualize them in many cases).

The Mission-Critical App Goes Virtual

The thought of running mission-critical ERP applications on a virtual machine makes many CIOs nervous—too nervous to try it (even now that ERP giant SAP has announced support for its products running on VMware). But not Biddlecombe. As for Transplace’s mission-critical app, a transportation management system, the first month of its virtualized run, coming to a close now, has proven pretty uneventful, Biddlecombe says. He saw no major pitfalls or performance issues.

This transportation management system determines, for instance, which orders need to be shipped together for consolidation purposes, how the order should be best shipped (parcel, full truckload or other options), which shipping carrier is optimal, and so on. This system also handles freight audit and payment. Effectively serving as Transplace’s ERP system, the transportation system handles 4 million shipments per year, or about $2.75 billion in transportation spending annually. Developed in-house using Java, it runs on BEA WebLogic application servers and Oracle for database work.

Biddlecombe has dedicated 50 VMs to support the components of the transportation system running on WebLogic, and 50 to 60 VMs for some other components and everything else.

To determine the right number of VMs and balance workloads on the servers running those crucial VMs, the IT team did extensive prototyping. But they had an advantage that not all companies have with their ERP systems: Since the transportation system software was developed in-house, Biddlecombe’s team knew a lot of its performance quirks already. "We’re intimately familiar with what our software needs," says Biddlecombe, who has been with Transplace for three years and served as CTO for fifteen months.

Interestingly, Biddlecombe has not found it necessary yet to invest in any new third-party management tools from any of the virtualization upstarts, though he is scoping out one emerging need. Favoring a layered monitoring approach, he currently uses HP’s Business Availability Center tools at the top level, HP’s SiteScope at the next level (measuring factors like memory utilization in every app in every VM) and then network and database monitoring tools. He’s also using VMware’s vMotion tool to move VMs around as needed.

"The one area we haven’t addressed is, are all the VMs sized properly," Biddlecombe says. "I think we’ve given some VMs more memory than they need. Our emphasis to date has been application performance. The last layer will be reducing VM resources so they have just enough," he says. The IT team can get some of the memory data from the SiteScope tool, but they have to do one VM at a time, he notes. This is the need that’s making him consider finding another management tool.

For securing the virtual environment, Transplace’s IT team applies the same security tools (McAfee antivirus and others) and practices that they would with a physical server, Biddlecombe says.

Provisioning in 30 Minutes or Less

As for metrics to prove his success, Biddlecombe says he wasn’t able to do many before and after comparisons because so many factors changed at once: a new data center location, new hardware and all those new VMs all got wrapped up into the same effort. What he can measure however, is how quickly he can provision a new server or new computing power to the business side. It used to take him a week to provision a server: Now it takes 30 minutes.

"We have gained a dramatically increased capacity to provision new servers, and more scalability," he says.

The ability to scale to add VMs right away helps Transplace deal with any spikes in data throughput from its customers: "Because we’re SaaS, our customers benefited immediately," he says.

And when IT wants to create a test and development VM, or a business executive needs a new customer demonstration environment, IT can do it within the half hour, he notes.

In another benefit of the highly-virtualized environment, the servers at the disaster recovery site can serve double duty, Biddlecombe says. They can be test VMs one moment, and disaster recovery the next. "We don’t have to have 100 servers just standing there waiting for disaster," he says.

What’s next on Biddlecombe’s to-do list with regards to virtualization? He’ll continue to ensure that the backup strategy is solid, he says. "There’s this concept that I’m putting a lot of eggs in one basket," he says. "We use VMware Consolidated Backup, but you also have to make sure all your OS patches are applied, backups done properly. You want to make sure you’re doing the blocking and tackling."


© 2007 CXO Media Inc.

Virtualization at Warp Speed: How One Company Made it Fly - CIO.com - Business Technology Leadership

written by dcaddick

Dec 14

I am so glad to have noticed this while in the office ;-) I can set the download going while I head off for Lunch, although I’m not sure I’m going to have too much time to play over the weekend as the missus clearly has ideas of Xmas shopping and taking advantage of the sunny weather this weekend?

Microsoft launches Hyper-V beta 1

Thursday, December 13, 2007

Completely unexpectedly, Microsoft today launches the first beta of its upcoming hypervisor Hyper-V (formerly codename Viridian / Windows Server Virtualization).

This first beta, initially planned for the end of this year, was later postponed to February 2008, in sync with the global launch of Windows Server 2008 (formerly codename Longhorn). But Microsoft put great effort into launching the beta ahead of time and disturbing the VMware launch of VI 3.5.

The new build unlocks several critical features customers were looking for:

  • Quick Migration and support for host-level HA (up to 16 nodes)
  • Out-of-the-box integration with Windows Server 2008 Server Manager (no more separate installation)
  • Support for Windows Server Core edition (allowing a smaller hypervisor footprint)
  • Support for Volume Shadow Service (VSS) (which implies capability to perform VMs live backup at host level)
  • Support for 64GB virtual RAM per VM
  • Support for multiple virtual NICs per VM
  • Support for 4 virtual SCSI controllers per VM
  • Integration of VHD manipulation tools

With this beta Microsoft is providing support for Windows Server 2003 and 2008 guest OS, as well as Novell Linux guests (thanks to the special agreement the two companies have on interoperability).

Once again Hyper-V is directly included into Windows Server 2008 code, this time inside the Release Candidate 1 (Enterprise Edition, 64bit only).

Enlightenments for Linux guest OS are instead available through a separate beta program on Connect.

virtualization.info: Microsoft launches Hyper-V beta 1

written by dcaddick

Dec 05

Well this certainly sounds good, but I seem to recall that a few years ago there was the Cappuccino PC and the AOpen, just to name a few and there is also a good web site at www.worldssmallestpc.com that has a whole range of devices that come under the small form factor banner.

The main change with this particular unit would appear to be the lack of an optical drive which frees up the design criteria allowing a much narrower profile from the front and consequently a reduction in volume for the overall unit. It’s also getting less important to support an optical drive what with the growth in size of the USB storage capacity etc.

I did also note that there appears to be something looking like a TV input on the eBox-4300? but using one of these as a HTPC or Media Extender might be pushing the envelope a bit? ;-)

World’s smallest Windows XP system?

DMP Electronics (aka Icop) has announced a tiny silent PC claimed to be the smallest system in the world capable of running Windows XP. The eBox-4300 measures 4.5 x 4.5 x 1.4 inches, has a 500MHz x86-compatible Via processor, and supports up to 1GB of RAM.

If the eBox-4300 looks familiar, that’s because it uses the same case as DMP Electronics’ earlier eBox-2300SX, based on its own 300MHz Vortex86SX SoC. The eBox-2300SX, in turn, is an upgraded version of the eBox-2300 that Microsoft has for several years provided as a development system to competitors in the Embedded Development category of its Imagine Cup student competition.

Is it really the smallest?

For the eBox-4300 truly to be the "world’s smallest system running Windows XP," CompactFlash would have to be used, either with Windows XP Embedded or with Windows XP Professional installed via a USB CD-ROM drive. Eight megabytes (8MB) is probably the smallest practical amount of storage for XP Pro; at the time of writing, 8GB CompactFlash cards sell for approximately $75, while 16GB cards approach $200.


PicoPC1

With a volume of 28.35 cubic inches, though, the eBox-4300 faces a serious rival in the form of the Sharp and Tappin picoPC1 and picoPC2 (pictured at right) based on Via’s Epia PX10000G pico-ITX main board. The picoPC1 is a flash-only system with a volume of just 25.5 cubic inches, and the picoPC2 packs a 2.5-inch hard drive into a 32.3-inch volume. Other contenders in the tiny XP-capable PC arena are CompuLab’s recently shipped fit-PC and Manufactum’s Manuscriptum.
These and other low-cost thick client systems have been shrinking steadily, but bragging rights for diminutive size will likely always go to devices specifically designed to be portable. OQO’s Model 2, for instance, measures just 18.5 cubic inches, including a 5-inch display, the capability of running Windows XP or Vista from a 120GB hard drive, and EV-DO wireless WAN capabilities. Ranging from approximately $1,300 to $2,400 depending on options, the OQO likely costs as much as five eBox-4300 systems, however.


OQO Model O2 is smaller, but costs nearly $1,500

The eBox 4300
While retaining the eBox-2300[SX]’s size and weight (18 ounces), the eBox-4300 shifts to a slightly higher gear, employing the 500MHz Eden ULV processor introduced by Via in August. The tiny box also uses Via’s CX700M integrated northbridge/southbridge.
According to Via, this processor and companion chip consume a combined maximum of 4.5 watts. Understandably, then, the little eBox-4300 is able to operate without a fan. Its light weight also allows the system to be hung from the back of any monitor that sports VESA standard mounting holes, according to DMP.


eBox-4300 ports

The eBox-4300 comes with 512MB of DDR2 RAM onboard and is said to accept up to 1GB. The PC also features Via’s UniChrome Pro II 3D/2D graphics core, offering acceleration for MPEG-2/-4 and WMV9 decoding, plus a VGA output that is said to support resolutions up to 1920 x 1440 pixels.
While the eBox-4300 apparently does not have room for a hard drive internally, it does offer an internally accessible EIDE (UltraDMA 133) connector that could be used to add one. Storage could also be added via the system’s three USB ports (two on the front, one on the rear), or its Type II/III CompactFlash slot.
Features and specifications listed by DMP/Icop for the eBox-4300 include:

  • Processor — Via Eden ULV processor clocked at 500MHz
  • Memory — 512MB of DDR2 RAM, expandable to 1GB
  • Display — Via UniChrome II, supporting resolutions up to 1920 x 1440 pixels
  • Networking — 1 x 10/100 Ethernet port (Realtek RTL8100B chipset)
  • Other I/O:
    • 2 x RS-232
    • VGA
    • 1 x PS/2 (supports keyboard and mouse with Y-adapter)
    • 1 x EIDE (UltraDMA 133)
    • Audio — mic in, line out
  • Expansion:
    • 1 x Type II/III CompactFlash slot
    • 1 x miniPCI socket
  • Dimensions — 4.5 x 4.5 x 1.4 inches
  • Weight — 18 ounces
  • Operating temperature — 0 to 60 deg. C (32 to 140 deg. F)

According to ICOP, the eBox-4300 will be available in January. Operating system support was cited as being for Windows XP Embedded and "XP-oriented platforms," although the device should also support XP Pro with a large enough CompactFlash card or external drive. Additionally, Linux support seems likely to arrive in due course, given that a variant of the earlier eBox-2300 was recently billed as the world’s lowest cost Linux thin client by Bangkok-based Norhtec.

World’s smallest Windows XP system?

written by dcaddick