Evaluation of the CSF Firewall

Total Page:16

File Type:pdf, Size:1020Kb

Evaluation of the CSF Firewall Bachelor Thesis in Software Engineering, 15 credits May 2013 Evaluation of the CSF Firewall Ahmad Mudhar Contact Information: Ahmad Mudhar E-mail: [email protected] University advisor: Kari Rönkkö Nina Fogelström School of Computing Internet : www.bth.se/com Blekinge Institute of Technology Phone : +46 455 38 50 00 SE-371 79 Karlskrona Fax : +46 455 38 50 57 Sweden 1 Abstract The subject of web server security is vast, and it is becoming bigger as time passes by. Every year, researches, both private and public, are adding to the number of possible threats to the security of web servers, and coming up with possible solutions to them. A number of these solutions are considered to be expensive, complex, and incredibly time-consuming, while not able to create the perfect web to challenge any breach to the server security. In the study that follows, an attempt will be made to check whether a particular firewall can ensure a strong security measure and deal with some security breaches or severe threat to an existing web server. The research conducted has been done with the CSF Firewall, which provides a suit of scripts that ensure a portal’s security through a number of channels. The experiments conducted under the research provided extremely valuable insights about the application in hand, and the number of ways the CSF Firewall can help in safety of a portal against Secured Shell (SSH) attacks, dedicated to break the security of it, in its initial stages. It further goes to show how simple it is to actually detect the prospective attacks, and subsequently stop the Denial of Service (DoS) attacks, as well as the port scans made to the server, with the intent of breaching the security, by finding out an open port. By blocking the IP Addresses of the attackers dedicated to such an act, preventing them from creating nuisance, the CSF Firewall has been able to keep alien intrusions away from the server. It also aids in creating a secure zone for the server, to continue smoothly, while alerting the server administrators of the same, and gives them an opportunity to check those threatening IPs, and the time of attack, makes sure that the server administrators stay alert in the future, and is able to keep an eye on such attacks. In doing this, the experiment adds valuable data in the effective nature of the CSF Firewall. Keywords: CSF Firewall, Iptables, Firewall, Web server Security, SPI, Configserver Security & Firewall, SYN-flood, DoS attack, Port Scan, Exploit checks, Firewall notifications, SSH attacks 2 ACKNOWLEDGEMENT In the name of Allah, the most beneficial and merciful I begin writing this research paper. I am very thankful to Dr. Kari Rönkkö, my university supervisor, who has helped me, by giving me his support and guidance, and with his knowledge that helped in the completion of this thesis. I also want to thank the great man that I´m missing today, my grandfather, who taught me how to make sentences. I am very thankful to my father and mother for their endless support and love. Ahmad Mudhar 3 Table of Contents Page 1. Introduction 8 2. Theory 12 3. Methods 13 3.1 Literature Review 13 3.2 Experiment 14 3.3 Experiment Requirements 15 3.4 Experiment Configuration 17 3.5 Executing the Experiment 23 4. Results 24 4.1 Results of Literature Review 24 4.2 Experiment Results 25 5. Discussion 28 6. Conclusion 28 References 30 4 LIST OF FIGURES Figure Number Page 1: Operating System Share by Groups for Sites in All Locations, January 2012 10 2: Webmin dependencies installation 18 3: Webmin installation 18 4. CSF Firewall Installation 18 5: CSF Firewall Module installation 19 6: CSF Firewall – Firewall Configuration section 20 7: CSF Firewall - Connection Tracking section 21 8: Low Orbit Ion Cannon attacking the server 22 9: An Email about the DoS attack from the CSF Firewall 25 10: An Email from the CSF Firewall about the port scan attack 26 5 LIST OF TABLES Table Number Page Table 1: Evaluation tools and their usage 15 – 16 Table 2: Server specifications 17 6 List of Acronyms CPU Central processing Unit GUI Graphical User Interface HTTP Hypertext Transfer Protocol SSH Secure Shell RAM Random Access Memory IP Internet Protocol NIC Network Interface Card OS Operating System TCP Transmission Protocol HTML Hypertext Markup Language DoS Denial-of-service SYN Synchronize SYN Flood Synchronize Packet Flood SSL Secure Sockets Layer SPI Stateful Packet Inspection BTH Blekinge Institute of Technology 7 1. Introduction Every day datacenters are increasing in size [1]. More and more companies are using web servers to communicate with their customers. Businesses have begun to start online, on the Internet, to increase their profit by selling products, or providing services, not limited to or defined by a geographical location. These websites are increasingly becoming the first stop when one look for something, even when on the road, with the aid of smartphones and tablets, whose use have been increasing dramatically. Attacks are increasing continually, and every day it is heard and read in the news, about the new laws created to criminalize those who attack or hack a website. Cybercrime is becoming more popular every passing day and in recent news, CNN published an article about “Hackers access Federal Reserve website, data” [2] which described the latest events in cybercrime. There are many news articles about attacks against websites and hackers all over the Internet, the newspapers, the magazines and the TV. Some hackers have been using services from websites that allows them to archive their attacks, and such service like the one from zone- h.org, which has recorded more than 8 million digital attacks [3]. “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts”. Eugene H. Spafford Websites are very common, extremely useful, everyday shopping portals. They gather details of many of the transactions made every day. There are many threats to the web services that require people to secure them against unauthorized access, disclosure of confidential customer information, data alteration, and spying network privacy [4]. Secure Shell (SSH) is one of the services that have always been under attack. It is a service that lets administrators to remotely connect to a machine to execute commands and manage the server remotely. Thus, this machine can be fully managed by a root user login. SSH dictionary attack is one of the common attacks against Secure Shell, and once the dictionary guesses the right login information, the server is then fully compromised and server may face real problems [5]. 8 Synchronize Packet Flood (SYN Flood) attacks are another security issue that prevents legitimate users from using a service such as the Hypertext Transfer Protocol (HTTP) web server service. It is a form of denial-of-service attack. An attacker floods a service by sending many synchronize (SYN) requests and that affects the server resources heavily which in turn leads to the point when the server may become overloaded and a user is not able to connect to it [6]. The Denial-of-Service Attack (DoS) impact is a very costly one, and it becomes popular every day. It does not result in a direct hacking to the system but its impact may lead to failure in a security service or application and then the hackers may get inside the server. Some attackers are making money by attacking a website [7]. Port scan is an attack whose object is to scan a server for open ports, and it is considered to be the first stage of an attack. Attackers are interested in all possible doors of the server, and are willing to exploit any window to attack the server. Detecting such attacks may prevent the server from being hacked or compromised [8]. Some server operating systems have many services that come attached with the core system, and a number of them are superficial. To have unused service in a server may lead to the whole server get hacked, and may create many security issues in it. Therefore, eliminating unnecessary services is a good start to decrease exploitation by hackers [9]. One of the server’s base security elements is the firewall which controls each of the incoming and outgoing packets, and decides, based on the firewall, the rules whether to pass the packets or not [9]. The firewall controls all the server’s services, connectivity, et al, with the aid of the iptables policy rules. Managing the firewall rules is not an easy task and a misconfiguration may lead to block traffic, which would mean that a user would not be able to connect to the network [10]. Researching web security issues in general will take unlimited time, as there are many operating systems, tools, solutions and aspects to the matter. The operating system Linux seems to be the most used server operating system as Netcraft´s Secure Sockets Layer (SSL) survey shown in the figure 1 below [11]. 9 Figure 1: Operating System Share by Groups for Sites in All Locations, January 2012 The web server security is a challenging task that involves many aspects. It requires long term planning, using the right hardware and software, isolating services in different environments, restricting server access, creating security policies, implementing methods to control the events, disabling unnecessary server modules, disabling unused service functions, disabling directory browsing, disabling services versions, and the requirements never end because there are always new threats emerging. As the search for researches and solutions continued, it was found that managing the iptables firewall to secure web servers is not a simple task and it requires considerable expertise.
Recommended publications
  • Kosten Senken Dank Open Source?
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE Kosten senken dank Open Source? provided by Bern Open Repository andStrategien Information System (BORIS) | downloaded: 13.3.2017 https://doi.org/10.7892/boris.47380 source: 36 Nr. 01/02 | Februar 2014 Swiss IT Magazine Strategien Kosten senken dank Open Source? Mehr Geld im Portemonnaie und weniger Sorgen im Gepäck Der Einsatz von Open Source Software kann das IT-Budget schonen, wenn man richtig vorgeht. Viel wichtiger sind aber strategische Vorteile wie die digitale Nachhaltigkeit oder die Unabhängigkeit von Herstellern, die sich durch den konsequenten Einsatz von Open Source ergeben. V ON D R . M ATTHIAS S TÜR M ER ines vorweg: Open Source ist nicht gra- tis. Oder korrekt ausgedrückt: Der Download von Open Source Software (OSS) von den vielen Internet-Portalen wieE Github, Google Code, Sourceforge oder Freecode ist selbstverständlich kostenlos. Aber wenn Open-Source-Lösungen professionell eingeführt und betrieben werden, verursacht dies interne und/oder externe Kosten. Geschäftskritische Lösungen benötigen stets zuverlässige Wartung und Support, ansonsten steigt das Risiko erheblich, dass zentrale Infor- matiksysteme ausfallen oder wichtige Daten verloren gehen oder gestohlen werden. Für den sicheren Einsatz von Open Source Soft- ware braucht es deshalb entweder interne INHALT Ressourcen und Know-how, wie die entspre- chenden Systeme betrieben werden. Oder es MEHR GELD im PORTemoNNaie UND weNIGER SorgeN im GEPÄck 36 wird ein Service Level Agreement (SLA) bei- MarkTÜbersicHT: 152 SCHweiZer OPEN-SOUrce-SPEZialisTEN 40 spielsweise in Form einer Subscription mit einem kommerziellen Anbieter von Open- SpareN ODER NICHT spareN 48 Source-Lösungen abgeschlossen.
    [Show full text]
  • Databits: an Electronic Newsletter for Information Managers
    DataBits: An electronic newsletter for Information Managers Wade Sheldon (GCE) and Margaret O’Brien (SBC), co-editors Spring 2008 Issue Table of Contents Feature Articles The FCE LTER Website has a NEW look! - Linda Powell ......................................................1 Developing a Searchable Document and Imagery Archive for the GCE-LTER Web Site - Wade Sheldon....................................................................................................................5 Improving the Basic Keyword Search for Datasets by Employing Text Mining Techniques and Indexing - Hung V. Nguyen, Corinna Gries, Hasan Davulcu ..................9 Developing and Using APIs in System Design - James Connors, Mason Kortz ....................12 FinLTSER Network: New addition to the global LTER network - Helena Karasti ..............14 Commentary Using Xen and VMWare to Manage Virtual Machines: A New User’s Saga - John H. Porter.................................................................................................................18 Making Sense of Collaboration Software - James W Brunt....................................................20 Big Science and Local Meetings - Karen Baker, Sabine Grabner..........................................23 Preservation Metadata: Another Chapter in the Metadata Story - Lynn Yarmey ....................25 Data Quality: Yet Another Chapter in the Metadata Story - Lynn Yarmey.............................27 Good Tools and Programs Specifik, a Taxonomic Reference Tool to Support Synthesis of Vegetation
    [Show full text]
  • Neural Network FAQ, Part 1 of 7: Introduction
    Neural Network FAQ, part 1 of 7: Introduction Archive-name: ai-faq/neural-nets/part1 Last-modified: 2002-05-17 URL: ftp://ftp.sas.com/pub/neural/FAQ.html Maintainer: [email protected] (Warren S. Sarle) Copyright 1997, 1998, 1999, 2000, 2001, 2002 by Warren S. Sarle, Cary, NC, USA. --------------------------------------------------------------- Additions, corrections, or improvements are always welcome. Anybody who is willing to contribute any information, please email me; if it is relevant, I will incorporate it. The monthly posting departs around the 28th of every month. --------------------------------------------------------------- This is the first of seven parts of a monthly posting to the Usenet newsgroup comp.ai.neural-nets (as well as comp.answers and news.answers, where it should be findable at any time). Its purpose is to provide basic information for individuals who are new to the field of neural networks or who are just beginning to read this group. It will help to avoid lengthy discussion of questions that often arise for beginners. SO, PLEASE, SEARCH THIS POSTING FIRST IF YOU HAVE A QUESTION and DON'T POST ANSWERS TO FAQs: POINT THE ASKER TO THIS POSTING The latest version of the FAQ is available as a hypertext document, readable by any WWW (World Wide Web) browser such as Netscape, under the URL: ftp://ftp.sas.com/pub/neural/FAQ.html. If you are reading the version of the FAQ posted in comp.ai.neural-nets, be sure to view it with a monospace font such as Courier. If you view it with a proportional font, tables and formulas will be mangled.
    [Show full text]
  • Virtual Organization Clusters: Self-Provisioned Clouds on the Grid Michael Murphy Clemson University, [email protected]
    Clemson University TigerPrints All Dissertations Dissertations 5-2010 Virtual Organization Clusters: Self-Provisioned Clouds on the Grid Michael Murphy Clemson University, [email protected] Follow this and additional works at: https://tigerprints.clemson.edu/all_dissertations Part of the Computer Sciences Commons Recommended Citation Murphy, Michael, "Virtual Organization Clusters: Self-Provisioned Clouds on the Grid" (2010). All Dissertations. 511. https://tigerprints.clemson.edu/all_dissertations/511 This Dissertation is brought to you for free and open access by the Dissertations at TigerPrints. It has been accepted for inclusion in All Dissertations by an authorized administrator of TigerPrints. For more information, please contact [email protected]. Virtual Organization Clusters: Self-Provisioned Clouds on the Grid A Dissertation Presented to the Graduate School of Clemson University In Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy Computer Science by Michael A. Murphy May 2010 Accepted by: Dr. Sebastien Goasguen, Committee Chair Dr. Jim Martin Dr. Walt Ligon Dr. Robert Geist Abstract Virtual Organization Clusters (VOCs) provide a novel architecture for overlaying dedicated cluster systems on existing grid infrastructures. VOCs provide customized, homogeneous execution environments on a per-Virtual Organization basis, without the cost of physical cluster construction or the overhead of per-job containers. Administrative access and overlay network capabilities are granted to Virtual Organizations (VOs) that choose to implement VOC technology, while the system remains completely transparent to end users and non-participating VOs. Unlike alternative systems that require explicit leases, VOCs are autonomically self-provisioned according to configurable usage policies. As a grid computing architecture, VOCs are designed to be technology agnostic and are implementable by any combination of software and services that follows the Virtual Organization Cluster Model.
    [Show full text]
  • Comparing User Experiences in Using Twiki & Mediawiki To
    Liang, M., Chu, S., Siu, F., & Zhou, A. (2009). Comparing User Experiences in Using Twiki & Mediawiki to Facilitate Collaborative Learning. Proceedings of the 2009 International Conference on Knowledge Management [CD-ROM]. Hong Kong, Dec 3-4, 2009. COMPARING USER EXPERIENCES IN USING TWIKI & MEDIAWIKI TO FACILITATE COLLABORATIVE LEARNING MICHAEL LIANG* IT and Management Consulting Division, WiderWorld Company Ltd. [email protected] † SAM CHU , FELIX SIU and AUDREY ZHOU Faculty of Education, the University of Hong Kong † [email protected] This research seeks to determine the perceived effectiveness of using TWiki and MediaWiki in collaborative work and knowledge management; and to compare the use of TWiki and MediaWiki in terms of user experiences in the master’s level of study at the University of Hong Kong. Through a multiple case study approach, the study adopted a mixed methods research design which used both quantitative and qualitative methods to analyze findings from specific user groups in two study programmes. In the study, both wiki platforms were regarded as suitable tools for group work co-construction, which were found to be effective in improving group collaboration and work quality. Wikis were also viewed as enabling tools for knowledge management. MediaWiki was rated more favorably than TWiki, especially in the ease of use and enjoyment experienced. The paper should be of interest to educators who may want to explore wiki as a platform to enhance students’ collaborative group work. 1. Introduction Rote learning, which focuses on the direct transmission of knowledge from teachers to students using a traditional didactic approach, is the prevalent norm in education in many countries (Jang, 2007).
    [Show full text]
  • Tutorial: Wikis in the Workplace" for Wiki Symposium, Montreal, Canada, 22 Oct 2007
    This is the presentation material for the 3 hour session on "Tutorial: Wikis in the Workplace" for Wiki Symposium, Montreal, Canada, 22 Oct 2007. Slide 1: Tutorial: Wikis in the Workplace "Wikis have changed the way we run meetings, plan releases, document our product and generally communicate with each other" - Eric Baldeschwieler, Director of Software Development of Yahoo! • Wiki, a writable web: Communities can share content and organize it in a way most meaningful and useful to them • If extended with the right set of functionality, a wiki can be applied to the workplace to schedule, manage, document, and support daily activities • A structured wiki combines the benefits of a wiki and a database • This tutorial explains publishing wikis and structured wiki, covers its deployment, and shows some sample applications using TWiki, an open source enterprise wiki platform Presentation for Wiki Symposium, Montreal, Canada, 22 Oct 2007 -- Peter Thoeny - [email protected] - TWIKI.NET Slide 2: About Peter • Peter Thoeny - [email protected] • Founder of TWiki, the leading wiki for corporate collaboration, managing the open-sourced project for the last 9 years • Co-founder of TWIKI.NET , a company offering services and support for TWiki • Co-author of Wikis for Dummies book • Invented the concept of Structured Wikis - where free form wiki content can be structured with tailored wiki applications • Recognized thought-leader in Wikis and social software, featured in numerous articles and technology conferences including
    [Show full text]
  • Regular Expressions Search String Counts
    "regular expressions" (image) "regular expressions" blog"regular expressions" blog"regular (image) expressions" cheat"regular sheet expressions" cheat"regular sheet (image) expressions" examples "regular expressions" examples"regular (image) expressions" in "regular excel expressions" in (image) "regular excel expressions" in "regular vba expressions" in "regular vba (image) expressions" python"regular expressions" python"regular (image) expressions" tester"regular expressions" tester "regular (image) expressions" tutorial"regular expressions" tutorial"regular (image) Counts URL Per Search_Strings expressions""regular Search_String_Counts 99 91 101 89 99 85 ## 85 ## 80 96 77 99 78 ## 87 ## 86 Primary_URLs www.stackoverflow.com 1 1 0 0 0 0 1 1 1 6 1 5 1 2 1 3 1 0 25 www.youtube.com 0 3 0 0 0 1 0 3 0 3 0 4 0 5 0 2 0 4 25 www.medium.com 1 1 1 0 1 1 1 2 1 1 1 1 1 2 1 1 1 3 21 www.pinterest.com 0 0 0 0 1 9 0 1 0 0 0 1 0 4 0 1 0 2 19 www.regular-expressions.info 1 3 1 0 1 0 2 0 1 0 1 1 1 0 2 2 1 1 18 www.slideshare.net 0 1 0 0 1 2 0 5 0 1 0 0 0 3 0 2 0 2 17 www.scribd.com 0 0 0 2 1 8 0 0 0 0 0 1 0 2 0 0 0 1 15 www.slideplayer.com 0 1 0 1 0 1 0 4 0 1 0 0 0 3 0 2 0 2 15 www.oreilly.com 1 1 0 0 0 0 1 1 0 1 0 0 1 1 1 1 1 1 11 www.regexbuddy.com 1 3 0 0 0 0 0 1 0 0 0 0 1 1 1 2 1 0 11 www.amazon.com 1 1 0 0 1 0 0 0 1 0 1 1 1 0 0 0 1 2 10 www.cheatography.com 0 1 0 0 1 6 0 0 0 0 0 1 0 1 0 0 0 0 10 www.chegg.com 0 0 0 0 0 0 0 1 0 0 0 0 1 6 0 0 0 2 10 www.dataquest.io 0 1 1 1 1 1 0 0 1 0 0 0 1 1 1 0 1 0 10 www.regexr.com 1 1 0 0 1 1 0 0 1 0 1 0 0 0
    [Show full text]
  • Foswiki Xwiki
    Foswiki & XWiki News IT-CDA project Documentation Project Documentation Project Meeting 15-June-2020 Project Status Report Peter Jones IT-CDA 2 Overview • Documentation with wikis • Wiki options • Configurations of the applications • Basic look, structure and functionality • Editing options • Look & Feel • Navigation and Search 3 Documentation with Wikis Advantages: • Easy for anyone to enter content in the browser • Updates of documents are seen immediately • WYSIWYG and text editors (for markup, markdown, HTML) available • Automatic organization of documents • Documents are grouped and have a hierarchy (indexes, lists, trees, changes) • Colleagues files and their changes are visible to all with access rights • Notifications available • Built in revision control • Access control on single or groups of documents • Import and Export (PDF, Office, HTML etc) • Possibility to create dynamic pages • Flexible look & feel depending on user, group or document • 100s of additional feature available (macros, charts, latex, real-time editing…) • Extendible – new features • Available anywhere with very fast response times Foswiki and XWiki can offer all of the above: • Which is best for documentation? • Which is the best for our current TWiki users? • Which is the best for our current SharePoint users? • Which is the best for IT environment and support? 4 Background of the Wikis TWiki – Used at CERN since 2003 • Heavily used for Documentation and as a Collaboration tool • Open source GPL - perl • Stable but little recent change Foswiki – A fork of
    [Show full text]
  • Open Source Platforms - Content Management Systems (CMS)
    Open Source Platforms - Content Management Systems (CMS) Γιάκας Αθανάσιος ΑΕΜ 531 Συστήματα Διαχείρισης Περιεχομένου ● Τα Συστήματα Διαχείρισης Περιεχομένου (ΣΔΠ, Content Management Systems, CMS) είναι διαδικτυακές εφαρμογές που επιτρέπουν την online τροποποίηση του περιεχομένου ενός δικτυακού τόπου. ● Οι διαχειριστές μέσω του διαδικτύου ενημερώνουν το περιεχόμενο στο ΣΔΠ, το οποίο είναι εγκατεστημένο σ' ένα διακομιστή. Οι αλλαγές αυτές γίνονται αυτόματα διαθέσιμες πάλι μέσω του διαδικτύου, σε όλους τους επισκέπτες και χρήστες του δικτυακού τόπου. Κατάλογος Συστημάτων Διαχείρισης Περιεχομένου Ανοιχτού Κώδικα ανά πλατφόρμα ● ASP.NET: DotNetNuke Community Edition , mojoPortal , Umbraco , N2 CMS , MvcCms ● JAVA: jAPS, OpenCms, Liferay, Dspace, Fedora, dotCMS, Nuxeo EP, Alfresco, Magnolia, Hippo, Calenco ● Perl: blosxom ,Bricolage , MojoMojo, Movable Type ,Twiki ,Scoop ,Slash ,WebGUI ● PHP: AdaptCMS Lite, Atutor, b2evolution, Bedita, BLOG:CMS, CivicSpace, CMS Made Simple, Concrete5, Dotclear, Drupal ,DynPG, eFront ,e107, Exponent CMS, eZ Publish, Frog CMS, Gamboo Web Suite, GCMS, ImpressCMS, Jaws, Joomla!, Habari, KnowledgeTree Document Management System, Lyceum,Mambo,Merlintalk, MiaCMS, Midgard CMS MODx, MySource Matrix (Squiz), Nucleus ,Opus,PHP-Fusion, PHP-Nuke, PHPSlash, phpWebSite,Pixie (CMS),RavenNuke CMS,SilverStripe,SPIP, TangoCMS, Textpattern,TikiWiki CMS/Groupware ,Tribiq CMS ,TYPO3 ,whCMS,WordPress,Website Baker, Xaraya, Zikula Κάποιοα από τα πιο δημοφιλή open source CMS ● Drupal ● Wordpress ● Joomla ● Textpattern ● Radiant CMS
    [Show full text]
  • Undergraduate Research Report Samantha Wohlstadter 1 PHY4902
    Undergraduate Research Report Samantha Wohlstadter 1 PHY4902: Undergraduate Research Research Report Samantha Wohlstadter Undergraduate Research Report Samantha Wohlstadter 2 Table of Contents Overview and Goals 4 CE and Nodes 5 NAS Maintenance 6 UPS Maintenance 10 Software 11 MySQL and Website . 11 Condor . 13 Root................................... 14 CMS Software . 14 Undergraduate Research Report Samantha Wohlstadter 3 List of Figures 1 The Cluster . .4 2 An example of the output of 'zpool status' . .6 3 An example of the output of tw cli, showing the hard drives that the RAID card can detect. .7 Undergraduate Research Report Samantha Wohlstadter 4 Overview and Goals The main goal of this project is to set up CMS software locally on the Cluster in order to simulate Mehdi's event samples. To accomplish this goal, the work was divided into multiple steps: • Ensure that the Cluster is functional, including the compute nodes, the Storage Element (SE), the Compute Element (CE), the NAS units, and the UPS units. • Reconfigure MySQL after installing the nodes, so that the website is accessible. • Set up Condor, the job submission software, to automatically run data between the different steps of the simulation process. • Install and set up the CMS simulation software, including Root. Before this project began, the cluster was still in the first step. The new CE had just been installed and set up, including: the ROCKS OS installation, the zpool for the OS drives, and most of the node integration. The remaining tasks to complete this step included verifying the node integration, though there was also ongoing general maintenance of the cluster such as hard drive and battery replacements.
    [Show full text]
  • Kosten Senken Dank Open Source? Strategien
    Kosten senken dank Open Source? Strategien 36 Nr. 01/02 | Februar 2014 Swiss IT Magazine Strategien Kosten senken dank Open Source? Mehr Geld im Portemonnaie und weniger Sorgen im Gepäck Der Einsatz von Open Source Software kann das IT-Budget schonen, wenn man richtig vorgeht. Viel wichtiger sind aber strategische Vorteile wie die digitale Nachhaltigkeit oder die Unabhängigkeit von Herstellern, die sich durch den konsequenten Einsatz von Open Source ergeben. V ON D R . M ATTHIAS S TÜR M ER ines vorweg: Open Source ist nicht gra- tis. Oder korrekt ausgedrückt: Der Download von Open Source Software (OSS) von den vielen Internet-Portalen wieE Github, Google Code, Sourceforge oder Freecode ist selbstverständlich kostenlos. Aber wenn Open-Source-Lösungen professionell eingeführt und betrieben werden, verursacht dies interne und/oder externe Kosten. Geschäftskritische Lösungen benötigen stets zuverlässige Wartung und Support, ansonsten steigt das Risiko erheblich, dass zentrale Infor- matiksysteme ausfallen oder wichtige Daten verloren gehen oder gestohlen werden. Für den sicheren Einsatz von Open Source Soft- ware braucht es deshalb entweder interne INHALT Ressourcen und Know-how, wie die entspre- chenden Systeme betrieben werden. Oder es MEHR GELD im PORTemoNNaie UND weNIGER SorgeN im GEPÄck 36 wird ein Service Level Agreement (SLA) bei- MarkTÜbersicHT: 152 SCHweiZer OPEN-SOUrce-SPEZialisTEN 40 spielsweise in Form einer Subscription mit einem kommerziellen Anbieter von Open- SpareN ODER NICHT spareN 48 Source-Lösungen abgeschlossen. Dieser be- GÜNSTIGE HocHVERFÜgbarkeiT 50 schäftigt wiederum Mitarbeitende, die lang- MEHR EIGENREGIE daNK OpeN SOUrce 52 jährige Erfahrungen mit den jeweiligen Syste- men haben und deshalb im Bedarfsfall rasch SO GUT SCHLÄFT maN miT OpeN SOUrce 54 und kompetent eingreifen können.
    [Show full text]
  • Twiki a Collaboration Tool for the LHC
    TWiki a collaboration tool for the LHC Peter L. Jones Nils Høimyr CERN CERN IT/PES IT/PES Geneva 23, Switzerland Geneva 23, Switzerland +41 22 7674901 +41 22 7672945 [email protected] [email protected] ABSTRACT 1. INTRODUCTION At the European Laboratory for High Energy Physics, CERN[1], The World Wide Web was invented at CERN to improve sharing the Large Hadron Collider (LHC)[2] accelerator is colliding of documents among collaborating physicists on diverse beams of protons at energies of 3.5 TeV, recreating conditions computer systems. Wiki pages, where the user has the possibility close to those at the origin of the Universe. The four main LHC to edit the page directly from the browser, is very much in the experiments, Alice, Atlas, CMS and LHCb are complex original democratic spirit of the web. For scientific detectors with millions of output channels. These experiment organizations like CERN, this allows collaborations where users detectors, “large as cathedrals”, have been designed, built and are in different buildings, cities or even countries a convenient are now operated by collaborations of physicists from way of working together on projects and documents. universities and research institutes spread across the world. TWiki, one of many available Wikis, is a structured one Wikis are a perfect match to the collaborative nature of CERN targeting mainly corporate intranets. TWiki was originally experiments and since TWiki[3] was installed at CERN in 2003 chosen because of its project oriented focus and simple setup on it has grown in popularity and the statistics from April 2011 computing resources that were readily available at CERN.
    [Show full text]