Linuxense Blog

None broke into the server which was on the Net for 96 hours. Kudos to Adamantix!

See details at http://www.linuxense.com/challenge

At the end of 48th hour we have released a shell account with the login name ROT13ed. It didn’t take more than a couple of minutes for the first person to login! But there were several contestants who complained about a login account which “just doesn’t work”.

Most of the attempts had stack-smash as the basic technique which Pax is good at. But there was a Pax privilege elevation bug to which Adamantix 1.0.4 was susceptible. See http://seclists.org/lists/fulldisclosure/2005/Mar/0211.html for more details. But the first exploit wasn’t out till the end of 96 hours (though the Kernel used was not fully susceptible)

Packet capture dump is being circulated via Bittorrent and had several downloads so far.

We thank Asianet Satellite communications for providing us bandwidth.

This break-in challenge was unique in a sense that this was the first time an Open source product was put under such a test. Normally companies do this to show off their own product’s capability.

Linuxense is holding a Linux Server Break-in Challenge. We set up a hardened server, connecting it to the Internet and inviting those who are “crackers” at heart to break-in to it.

This event does not offer any prize money; and we are not planning to ship the server to the winner. But if you break in you you get a permanent reference in our challenge page –this is a “No Prizes; Just Applause” affair.

This is a regular Linux server with its traffic routed through a bridge to sniff the packets passing through and to limit outbound traffic. This bridge (yet another Linux box) will be logging all the packets passing through. This data will be made available to the participants –learn what others did it and do forensic analysis.

This server will become available on the net by 2 AM IST, 9 March 2005 and will be there for 96 hours or till you take it down. See the details on our web site.

Watch this space for updates on the event. Good luck!

Raja put on his hat and jumped on his new Yamaha with his installation CD stack for yet another enterprise-grade, Linuxense-special Sarge installation. This time it was for an 100% EOU, Technopark company. And he steped into their space-age office and flashed the purchase order and he was accompanied to the server room right away. And he was on and took out the installation disks.

“Hold on!” the admin rushed to the server room and screamed. “Huh. You know, today is a Tuesday and so it is not good to install Linux today.”

Wait; are you laughing or? In India sometimes it is like that.

Starting from last Sunday 7 of December one of our servers located at ServerBeach experienced severe and repeated hardware problems including HDD failures and motherboard problems.

They replaced the HDD twice, motherboard once, and chassis once. But we decided to move over to another server of higher configuration. Despite of repeated hardware failures we could restore the data (including log files) completely. We managed to migrate all the services and data to the new server in 12 hours’ time starting from 18 Dec 1800 hrs to 19 Dec 0600 hrs.

This havoc disrupted several services like SMTP, FTP, and Web running on this server.We apologize for the inconvenience caused to our clients and associates and we acknowledge their understanding.

A few words about ServerBeach: They are basically good guys. What we like about them is that they support Debian. And most of their offerings are good deals if you have in-house Linux expertise. But if you are looking for sub-minute support response this is a wrong place; have a look at Rackspace.

Linuxense is shifting to a new office in Poojapura. We will be functioning on the third floor of “Koipurathu Buildings” located on Karamana road (there is an SBT ATM functioning in this building). Shifting process will be completed by Saturday 18.

All of us are happy and sad at the same time in this occassion. We are excited because the new place has more amenities and features. We are sad because we are leaving an one-of-a-kind, 75 year old, huge building surrounded by fruits and trees and flowers which kept us busy while we were not coding.

We are thankful to the landlord, Krishna G.S. and CVR for arranging the present place for us. Linuxense has been functioning out of this place for the past two years. We also thank CVR’s parents and brother Rajaram for taking care of us during their stay here in this building.

This time Linuxense will be providing SSLC/HSC result lookup service to two Kerala state government web sites and keralaonline.com using our lookup engine named mod_scuba which is an Apache module written in C language. Scuba architecture is optimised for high performance, single-tier lookup services like exam results, telephone directory etc.. Like last year, this time also bandwidth is from Asianet.

Last year we have provided result lookup service using TuX. Though it was enough to serve this kind of surge traffic we want to make it one step ahead –to build a generic lookup engine with minimum lead time to publish, support load balancing and to provide facility for dynamic page generation with out server-side scripting. Scuba architecture is the answer.

Find out more at: http://www.linuxense.com/lpe/scuba.xhtml

C.V. Radhakrishnan, President, Linuxense got married to Vidhya of Focal Image
last Sunday 18 April at Hotel South Park in the presence of a few
family members and close friends. Vidhya, a TeX programmer by herself, has
been working with CVR for almost nine years and they friend with each other.

CVR says “I’m late to start my life, but you all know the reasons very
well.” We all at Linuxense wish you all the very best to both of you!

He has posted a few pictures of the marriage ceremony here: http://tug.org/~cvr/knot/

We wish you all the very best for your life together. May God bless you in abundance.

If you would like to wish him, take a few seconds and post a comment
here. He can also be reached by cvr at focalimage dot com.

This is a major release and it feature the long-awaited append facility. Also it features a modecalled “Sync Mode” useful while writing large number of records; avoids out-of-memory situations. Get it from http://Sarovar.org/projects/javadbf

agni.linuxense.com was was not reachable from outside Linuxense since last Saturday night. The reason found out to be a routing issue at Asianet; routing wasn’t taking place properly for our subnet.

It looks OK now. Should be working fine here on wards.

Sarovar.org ( http://sarovar.org/ ) had its routine maintenance and capacity enhancement last night. Rajkumar, Abraham, and me were at the Asianet data center till early morning today. The entire 6 hour process was Webcast live at Sarovar.org URL!

Sarovar.org facility is now equipped with more storage space and has noticeable improvements in disk I/O. This has been done because more popular FLOSS projects decided to shift to Sarovar.org; TeXLive and PDFTex are two among them.

Posted by: Anil Kumar K. (anil at linuxense dot com)