DOCSLIB.ORG

SUCCESS STORY. Security Software Porting from Netware to Novell Linux

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
SUCCESS STORY. Security Software Porting from Netware to Novell Linux SUCCESS STORY. >_ >_ Security Software Porting From Netware To Novell >_ Linux About the The Client is a leader in the development of real-time monitoring, auditing and computer forensics Client technologies for Windows and Novell networks. Its ⧄agship product is used to secure the assets of the world’s largest corporations, banks, and government agencies, educational and healthcare institutions. Business The Client had a signi⣴cant install base for its ⧄agship software on Novell Netware OS. Novell’s Challenge adoption of Linux as the migration path for Netware OS created both an opportunity and a challenge for the Client. To continue supporting its Netware user base through Linux migration, the client wanted to port its monitoring and auditing solution to support SUSE Linux, Novell eDirectory and NSS (Novell Storage Services). The Client did not have in-house Linux Systems programming expertise, especially with ⣴le systems & security knowledge and approached Silicus. Silicus The software had two parts – the agent (client) and the server. The agent was a module that was Solution installed on the PC’s to be audited, and sends information on PC activities to a server installed at a centralized location. Termination of Netware required the agent to be re-developed/ported to Linux. Silicus commenced a feasibility study to address a few unknowns in the project: • Identify the auditing modules available on SuSE Linux • XML libraries that could be used • Multi-threading architecture to be used for agent development Silicus created a software architecture and design for the remote management agent. The agent was developed leveraging 3rd party tools to perform the auditing, monitoring of the Linux systems and communication with the remote server. AGENT DEVELOPMENT Agent was developed using C, C++ language on SuSE Linux. Libxml2 XML C libraries were used for parsing XML ⣴les that were output from the agent. Agent was designed for higher performance without OS overhead through the use of Pthreads or POSIX threads. Pthreads help realize performance gains by creating multi-threaded programs. AUDITING AND MONITORING • Inotify linux kernel sub system API for ⣴le and directory monitoring • Novell API for NSS and eDirectory for auditing • Connectivity and Server Communication IP*Works! and IP*Works! Secure SNMP was used for building secure integration between the agent and server, for SNMP and SMTP alerts. The tools incorporated security features for authentication, authorization, and access control. PACKAGING AND DEPLOYMENT RPM Package Manager (a.k.a Red Hat Package Manager) was used for agent packaging and deployment. Technologies LANGUAGES PLATFORM Used C, C++ Linux TOOLS / LIBRARIES (IF ANY) IP*Works, RPM Package Manager, inotify API, Novell API and Libxml2 libraries Client ACCELERATED TIME TO MARKET Bene⣴ts The Client wanted to offer a Linux migration path as early as possible and avoid impacting an existing revenue stream from its Netware install base. Additionally, the client wanted to leverage this opportunity to gain competitive advantage. Silicus helped the client quickly achieve its goals leveraging its Linux systems programming expertise. LOWER RISKS THROUGH RELIABLE, PREDICTABLE PROCESSES A mature and process oriented approach towards requirements assessment, design, development and testing provided visibility and predictability of project progress at all times, signi⣴cantly reducing the software engineering risks. EXPERTISE FROM LOW COST LOCATION Developing a security auditing and monitoring solution using C, C++ on SuSe Linux requires fairly niche skills. The client leveraged Silicus expertise from a cost effective location to achieve signi⣴cant monetary gains. 2700 Post Oak Blvd, Suite 1625 | Houston, TX 77056 | www.silicus.com | (866) 912-8855 | [email protected] • Houston, TX • Dallas, TX • Atlanta, GA • San Jose, CA • Newark, NJ • Columbus, OH • Pune, India © Copyright 2016 Silicus Technologies, LLC..
Load more

Recommended publications
  • Novell Management Tools
    04 0789729849_ch03.qxd 11/10/03 12:43 PM Page 91 CHAPTER 3 Novell Management Tools Using ConsoleOne ConsoleOne is a Java-based tool for managing your network and its resources. It can be launched by running CONSOLEONE.EXE from where it was installed (default: SYS:PUBLIC\MGMT\CONSOLEONE\1.2\BIN). By default, it lets you manage Novell eDirectory objects, schema, parti- tions, and replicas and NetWare server resources. If you install other Novell products, the appropriate management capabil- ities are automatically snapped into the version of ConsoleOne installed on that server. ConsoleOne is installed during the NetWare 6.5 installation, but can also be re-installed or installed locally from the Novell client’s CD. ConsoleOne also supports remote server console access through a Java applet called RConsoleJ. To access the NetWare 6.5 server console remotely, launch ConsoleOne and browse to the desired server. Select Tools, and then Remote Console. Accessing Web Manager Web Manager is a Web-based “home page” for accessing most of the NetWare 6.5 Web-based tools and services. To access Web Manager, open your Web browser and enter your Web server’s domain name or IP address, followed by a colon and the Web Manager port, which by default is 2200. For example: 04 0789729849_ch03.qxd 11/10/03 12:43 PM Page 92 92 PART I Getting Started https://www.quills.com:2200 or https://137.65.192.1:2200 Accessing iManager iManager provides role-based management of your NetWare network, together with a nearly comprehensive set of administrative tools.
    [Show full text]
  • Novell Cluster Services,. for Linux. and Netware
    Novell Cluster Services,. for Linux. and NetWare. ROB BASTIAANSEN SANDER VAN VUGT Novell PRESS. Novell. Published by Pearson Education, Inc. 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 CHAPTER 1: Introduction to Clustering and High Availability 5 Novell Cluster Services Defined 5 Shared Disk Access 6 Secondary IP Addresses 7 Clustering Terminology 8 High-Availability Solutions Overview 12 Novell Cluster Services 12 Business Continuity Clustering 13 PolyServe Matrix Server 15 Heartbeat Subsystem for High-Availability Linux 16 When Not to Cluster Applications 16 Availability Defined 18 High Availability Defined 18 Calculating Average Downtime 21 Avoiding Downtime 22 Hardware 22 Environment 23 Software 23 Procedures 24 Novell Cluster Services Requirements 24 Hardware Requirements 24 Software Requirements 26 CHAPTER 2: Examining Novell Cluster Services Architecture 27 Novell Cluster Services Objects and Modules 27 Cluster eDirectory Objects 28 Cluster Modules 31 IH Novell Cluster Services for Linux and NetWare Heartbeats, Epoch Numbers, and the Split Brain Detector 35 Removing a Failing Slave Node 36 Removing a Failed Master Node 37 Summary 37 CHAPTER 3: Clustering Design 39 Cluster Design Guidelines 39 How Many Nodes to Choose 39 Using a Heartbeat LAN or Not 40 Use NIC Teaming 41 Choosing Storage Methods 42 Mirror the Split Brain Detector Partition 48 Selecting Applications to Run in a Cluster 48 eDirectory Cluster Guidelines 50 Creating a Failover Matrix 52 Application-Specific Design Guidelines
    [Show full text]
  • DR DOS for the Zfx86
    DR DOS for the ZFx86 Cost Effective, Reliable, Rapid Deployment of Embedded Systems w DR DOS on the ZFx86 gets products to market quickly at the lowest development and ownership cost. w Thousands of compatible applications, drivers and utilities available free or at minimal cost. w Full documentation available. DR DOS 7.03 Key Features of DR DOS Online Manual - DRDOS is supplied with a complete The ideal embedded DOS system, online manual that contains detailed information about all designed for out-of-the-box of the features of the operating system including the basic implementation into ROM or Flash commands, and the advanced utilities. It also has online ROM with tools and associated help available for all its commands. documents available in the DRDOS Memory Management - Memory management features OEM Documentation Kit. include a set of device drivers and commands that enable w 100% MS-DOS 6.22 compatible.. you to manage memory efficiently and make as much memory as possible available to your applications. w Comprehensive DOS utility set DOS Protected Mode Services - DOS Protected Mode w Multitasking, with API for developers Services (DPMS) interface allows specially-implemented w DPMS memory manager in addition to DPMI device drivers and TSRs to operate in extended memory. w Stacker disk compression This makes more memory within the first megabyte w NWCACHE - disk caching program available to applications and other conventionally-written drivers and TSRs. Both Stacker* (the disk compression w EMM386 memory manager program), and NWCACHE (the disk cache) use DPMS. w DOS Protected Mode Services (DPMS) Disk Compression - The disk compression component w Multitasking enables you to store more information by compressing the w DR-DOS provides a full multitasking environment data.
    [Show full text]
  • Netware 6 Server Management CHAPTER 3
    04 9814 ch03.qxd 8/19/04 9:32 AM Page 165 CHAPTER 3 NetWare 6 Server Management CHAPTER 3 This chapter covers the following testing objectives for Novell Course 3004: Novell Network Management: . Use NetWare Remote Manager . Identify What iMonitor Is and How to Use It . Use iMonitor to Diagnose and Repair eDirectory Problems . Set Up and Configure NSS . Monitor, Manage, and Rebuild NSS Storage Space . Set Up SMS for SBCON and NWBACK32 . Back Up Data with SBCON and NWBACK32 . Restore Data with SBCON and NWBACK32 Novell is directing the construction of the world’s central information super- highway with the help of you, me, and thousands of other electronic transit workers (orange vest optional). NetWare 6 further revolutionizes Novell’s oneNet strategy with the introduction of Web-enabled administration tools, highly scalable networking protocols, and multiprocessor support. Implementing these components makes your job easier and provides your users with more reliable network access. Welcome to anytime, anywhere advanced administration via NetWare 6. As a network administrator, it’s your responsibility to focus on the NetWare 6 network to ensure that it stays fine-tuned and in peak condition. In Chapter 1, “NetWare 6 Installation,” and Chapter 2, “NetWare 6 Upgrade and Migration,” we began our NetWare 6 CNE journey by building the cor- nerstone of your network—the NetWare 6 server. Now it’s time to super- charge the network. 04 9814 ch03.qxd 8/19/04 9:32 AM Page 166 166 PART I Novell Network Management for NetWare 6 This chapter focuses on three key areas related to managing your NetWare 6 server: .
    [Show full text]
  • An Overview of the Netware Operating System
    An Overview of the NetWare Operating System Drew Major Greg Minshall Kyle Powell Novell, Inc. Abstract The NetWare operating system is designed specifically to provide service to clients over a computer network. This design has resulted in a system that differs in several respects from more general-purpose operating systems. In addition to highlighting the design decisions that have led to these differences, this paper provides an overview of the NetWare operating system, with a detailed description of its kernel and its software-based approach to fault tolerance. 1. Introduction The NetWare operating system (NetWare OS) was originally designed in 1982-83 and has had a number of major changes over the intervening ten years, including converting the system from a Motorola 68000-based system to one based on the Intel 80x86 architecture. The most recent re-write of the NetWare OS, which occurred four years ago, resulted in an “open” system, in the sense of one in which independently developed programs could run. Major enhancements have occurred over the past two years, including the addition of an X.500-like directory system for the identification, location, and authentication of users and services. The philosophy has been to start as with as simple a design as possible and try to make it simpler as we gain experience and understand the problems better. The NetWare OS provides a reasonably complete runtime environment for programs ranging from multiprotocol routers to file servers to database servers to utility programs, and so forth. Because of the design tradeoffs made in the NetWare OS and the constraints those tradeoffs impose on the structure of programs developed to run on top of it, the NetWare OS is not suited to all applications.
    [Show full text]
  • Novell Netware 6
    Manual December 10, 200289 Novell NetWare 6 www.novell.com OVERVIEW AND INSTALLATION GUIDE 100-004725-001 NetWare 6 Overview and Installation Guide 100-004725-001 February 25, 2003 Novell Confidential Manual December 10, 200289 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. or Canada. Copyright © 2002 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. U.S. Patent No. 5,157,663; 5,349,642; 5,455,932; 5,553,139; 5,553,143; 5,572,528; 5,594,863; 5,608,903; 5,633,931; 5,652,859; 5,671,414; 5,677,851; 5,692,129; 5,701,459;
    [Show full text]
  • History of Operating Systems
    System Architecture History of Operating Systems Some slides from A. D. Joseph, University of Berkeley See also: www.osdata.com/kind/history.htm www.armory.com/~spectre/tech.html courses.cs.vt.edu/~cs1104/VirtualMachines/OS.1.html en.wikipedia.org/wiki/History_of_operating_systems © 2008 Universität Karlsruhe (TH), System Architecture Group 1 Moore’s Law Drives OS Change 1981 2006 Factor CPU MHz, 10 3200x4 1,280 Cycles/inst 3—10 0.25—0.5 6—40 DRAM capacity 128KB 4GB 32,768 Disk capacity 10MB 1TB 100, 000 Net bandwidth 9600 b/s 1 Gb/s 110,000 # addr bits 16 32 2 #users/machine 10 1 0.1 Price $25,000 $4,000 0.2 Typical academic computer 1981 vs 2006 © 2008 Universität Karlsruhe (TH), System Architecture Group 2 Moore’s Law Effects Nothing like this in any other area of business Transportation in over 200 years: Only 2 orders of magnitude from horseback @10mph to Concorde @1000mph Computers do this every decade What does this mean for us? Techniques have to vary over time to adapt to changing tradeoffs Let’s place a lot more emphasis on principles The key concepts underlying computer systems Less emphasis on facts that are likely to change over the next few years… Let’s examine the way changes in $/MIP has radically changed how OS’s work © 2008 Universität Karlsruhe (TH), System Architecture Group 3 Dawn of Time ENIAC: (1945-55) “The machine designed by Eckert and Mauchly was a monstrosity. When it was finished, the ENIAC filled an entire room, weighed 30 tons, and consumed 200 kilowatts of power.” http://ei.cs.vt.edu/~history/ENIAC.Richey.HTML © 2008 Universität Karlsruhe (TH), System Architecture Group 4 History Phase 1: 19481948--7070 Expensive Hardware Cheap Humans © 2008 Universität Karlsruhe (TH), System Architecture Group 5 History of Systems History OS: Evolution Step 0 APP OS Hardware Simple OS: One program, one user, one machine: examples: early computers, early PCs, embedded controllers such as Nintendo, cars, elevators OS just a library of standard services, e.g.
    [Show full text]
  • SCO® Unixware® 2.1 Technical Summary
    SCO® UnixWare® 2.1 Technical Summary An SCO Technical White Paper February 1996 TM An SCO Technical White Paper Version 1.1 INTRODUCTION .......................................................................................................................................4 SCO UNIXWARE 2.1 STRENGTHS .......................................................................................................................................................5 WHAT’S NEW IN SCO UNIXWARE 2.1..................................................................................................................................................6 SCO UNIXWARE 2.1 PRODUCT LINE OVERVIEW .....................................................................................8 SCO UNIXWARE 2.1 SYSTEM OVERVIEW ..............................................................................................10 INSTALLATION REQUIREMENTS SCO UNIXWARE 2.1...............................................................................................................................10 APPLICATION SUPPORT .....................................................................................................................................................................10 THE SCO UNIXWARE 2.1 KERNEL: INSIDE A HIGH-PERFORMANCE ENGINE ..................................................................................................10 UnixWare 2.1 Symmetrical Multi-Processing and Threads ............................................................................... 11 SCO UnixWare
    [Show full text]
  • Netware Is a Registered Trademark of Novell, Inc., in the United States and Other Countries
    Quick Starts December 6, 1999 Novell Confidential doc_tpl.fm Rev 99a 22 November 99 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. or Canada. Copyright © 1993-2000 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. U.S. Patent Nos. 4,555,775; 5,157,663; 5,349,642; 5,455,932; 5,553,139; 5,553,143; 5,594,863; 5,608,903; 5,633,931; 5,652,854; 5,671,414; 5,677,851; 5,692,129; 5,758,069; 5,758,344; 5,761,499; 5,781,724; 5,781,733; 5,784,560; 5,787,439; 5,818,936; 5,828,882; 5,832,275; 5,832,483; 5,832,487; 5,859,978; 5,870,739; 5,873,079; 5,878,415; 5,884,304; 5,893,118; 5,903,650; 5,905,860; 5,913,025; 5,915,253; 5,925,108; 5,933,503; 5,933,826; 5,946,467; 5,956,718; 5,974,474.
    [Show full text]
  • Chap 1 Netwarebook
    FMT1000 Series Remote Boot Setup Guide 70-16672-01 Revision A October 1995 1995 by Symbol Technologies, Inc. All rights reserved. No part of this publication may be reproduced or used in any form, or by any electrical or mechanical means, without permission in writing from Symbol. This includes electronic or mechanical means, such as photocopying, recording, or information storage and retrieval systems. The material in this manual is subject to change without notice. The software is provided strictly on an “as is” basis. All software, including firmware, furnished to the user is on a licensed basis. Symbol grants to the user a non-transferable and non-exclusive license to use each software or firmware program delivered hereunder (licensed program). Except as noted below, such license may not be assigned, sublicensed, or otherwise transferred by the user without prior written consent of Symbol. No right to copy a licensed program in whole or in part is granted, except as permitted under copyright law. The user shall not modify, merge, or incorporate any form or portion of a licensed program with other program material, create a derivative work from a licensed program, or use a licensed program in a network without written permission from Symbol. The user agrees to maintain Symbol’s copyright notice on the licensed programs delivered hereunder, and to include the same on any authorized copies it makes, in whole or in part. The user agrees not to decompile, disassemble, decode, or reverse engineer any licensed program delivered to the user or any portion thereof. Symbol reserves the right to make changes to any software or product to improve reliability, function, or design.
    [Show full text]
  • 12 Networks and Windows 3.1
    Chapter 12 Networks and Windows 3.1 This chapter contains some tips about using a network with Microsoft Windows 3.1, plus notes about using specific networks with Windows. Related information • Windows User’s Guide: “Managing Network Printing” in Chapter 6, “Print Manager”; Appendix A, “Windows and Networks” See also Chapter 1, “Setting Up Windows,” and Chapter 4, “Troubleshooting,” in the Getting Started booklet, and the NETWORKS.WRI file in your WINDOWS directory • Windows Resource Kit: “Troubleshooting Networks” in Chapter 13, “Troubleshooting Windows 3.1”; “ PC -NFS and Windows 3.1” in Appendix D, “Articles” Contents of this chapter About Networks and Windows 3.1...................................................................368 Running a Shared Copy of Windows.........................................................368 Memory, Windows, and the Network........................................................370 Creating Custom User Environments.........................................................374 3Com Networks................................................................................................374 Artisoft LAN tastic .............................................................................................376 LAN tastic Versions 3.x ..............................................................................376 LAN tastic Versions 4.x ..............................................................................377 Banyan VINES ..................................................................................................377
    [Show full text]
  • Unix As an Application Server in a Network Operating System Environment
    50-30-30 DATA COMMUNICATIONS MANAGEMENT UNIX AS AN APPLICATION SERVER IN A NETWORK OPERATING SYSTEM ENVIRONMENT Scott Koegler INSIDE Integrating with the Networking Environments, Network Server vs. Application Server, File Service, Printing across the Network, Internet/Intranet Services, Coping with a Mixed Environment INTRODUCTION Networks have evolved to become the mainstay of corporate America. Millions of personal computers are connected to network servers run- ning applications ranging from personal productivity to corporate ac- counting, yet the demands on the network continue to increase. These demands typically take two forms. The first is the availability of applica- tion software specifically tailored to the operations of an organization. The second is the need to run processor-intensive applications in a per- sonal computing environment. Both of these situations require in- creased horsepower from individual computing components, and in some cases the required horsepower is just not available from net- worked components. Today’s network architectures have been maximized to provide su- perb performance for file and print sharing tasks, but still may not always offer the level of performance required. Although the network operating system can provide network servic- es, it is not typically optimized for PAYOFF IDEA application processing. Even in those Today’s distributed systems can become highly cases where an application can be complex even when the network is homoge- run on a network server, doing so neous. Maintaining a consistent NOS environ- may degrade the performance of the ment lets network administrators develop a depth entire network, making the proposi- of understanding that often leads to better effi- ciencies in both day-to-day operations and in tion counterproductive.
    [Show full text]