– by Tina Gasperson –
Island Computer Products (ICP) is located on the edge of Staten Island, N.Y.,
about six miles across the water from Manhattan. As a systems integrator and
reseller, the company has the biggest ISO 9001 certified configuration and
customization facility in the entire New York City area. ICP’s CTO Paul Fabozzi
was working on September 11, 2001.
“I received a phone call minutes after the first plane hit. Our main office and
configuration center sits on the New York Bay and we had an unobstructed view of
the (World Trade Center) buildings on fire. I rushed down to se what was going
on … all the other employees were scared … those buildings were not supposed
to come down.”

Fabozzi says that in the days following the 9/11 terrorist attacks, ICP got a
rush of orders for all kinds of systems. “We had customers that lost office
space in those (WTC) buildings. Many disaster recovery plans were not designed
for this kind of hit. Many of our customers were forced to bring up new offices
right away. (Those) offices need systems, and we sell systems,” he says.

“We were open 24/7 for weeks following the disaster. (For example), the medical
examiner’s office got hundreds of huge systems for DNA analysis. The mayor’s
emergency office was also stocked with top-of-the-line systems, all new. There
were other agencies that needed new systems and additional capacity and
capability to deal with what was going on.”

ICP customizes the systems in-house to the exact specifications so when the
customer receives them “the end user is instantly productive.”

When the orders started flooding in post 9/11, Fabozzi and his staff realized
the mother system used to load disk images couldn’t handle the added stress. “We
spent a bunch of money on a new central server, to increase our throughput. This
included a large solid state disk drive, and fiber channel cards, and a Windows
2000 server … and a ton of RAM.

“We wanted to make sure we were getting our money’s worth, so we did some bench
tests. We were disappointed when the server was getting saturated at about 25
machines loading (five gigabyte disk images) at the same time. We even added two
more processors to the Windows 2000 server, and it actually slowed down.”

Fabozzi and crew went “back to the drawing board.” Having been a “Unix guy” for
two decades, he decided to try Red Hat Linux and Samba on the exact same
hardware configuration, and found the power that was missing with Windows. “We
were able to get more than twice the machines online and loading before we
experienced any saturation.

“This surprised many people, but not me,” says Fabozzi. “Windows is junk on top
of junk. Sure, it looks nice, and it is easy to find people who know how to use
a mouse, but when it comes down to a drag race, I put my money on Linux or Unix
every time.

“Since then we’ve been replacing Windows servers with more stable Linux servers.
We have even gone so far as to beta (Red Hat) Linux workstations with some lucky
customers.”

Anonymous Reader tells us of this FoxNews.com story (which we’ve also linked from other sources): “Microsoft Corp. (MSFT ) will reveal hundreds of pieces of proprietary computer code from its Windows operating system in the next several weeks to comply with an antitrust settlement it signed with the U.S. Justice Department last year, the company said Monday.”

Guy Morgan: farm9, a California-based company providing managed security services, today announced plans for converting its existing security infrastructure software to Open
Source projects. The first release will be Harvester, which provides software for the robust data collection,consolidation, archiving and analysis of network, system, application, user activity for security related events.
All farm9?s Open Source projects will be consolidated at
www.farm9.org
and available to the public on September 3, 2002. Existing open source projects from farm9 that will move to this site are CryptCat and other encryption, testing and auditing tools. As a true open source solution, the software will be available free of charge and comes with source code and a comprehensive set of tools and utilities for deploying into any environment.

Features

The open source project for Harvester will be jumpstarted based on the existing software developed by farm9. The current code-base in production has processed in excess of 100 million events in a single month.

Harvester is currently based on the following open source tools: OpenBSD, Linux, Mysql, Apache, PHP, Zope, Perl, Python, Sabernet, Jpgraph, Snort, Nessus, Whisker.

The core engine provides near real -time data collection from host systems (web, mail, etc), network infrastructure systems (router, switch, DNS, PDC/BDC, etc.) and security infrastructure systems (firewall, IDS, VPN, etc.).

Robust consolidation is provided through a centralized database repository. The scoring system provides for standardizing event priorities across different system types and can be used for customizing scores for specific environments. A separate plug-in module provides automation of audit trail archiving.

Comprehensive analysis is provided across several modules, these are correlation, vulnerability management and event management modules. Vulnerability management combines system testing with osvdb.org vulnerability alerts. Event management provides ticket creation, escalation, tracking and reporting capabilities.

Timeline

All farm9?s Open Source projects will be consolidated at www.farm9.org and available to the public on September 3, 2002. Harvester information will include:
o Project Objectives
o Architectural Documentation
o Technical Specification Draft
o FAQs
o Facility for Soliciting Comments

The first code release of Harvester is slated for October 2002 and will include:
o Revised Technical Specification
o Core engine for collection and consolidation
o DB module for MySQL
o Archiving module
o Agent modules for integrating various sensors
o Common scoring engine
o API for adding additional agent modules

A second release slated for December 2002 and will include bug fixes and an enhanced installation process. Why farm9 is Doing This

farm9 primary business is providing security services to our clients. Our investment in developing robust security software has allowed us to offer scalable and profitable services. The primary value to our clients is in the 24×7 monitoring, analysis and support that we provide.

farm9 believes that a strong commitment to the Open Source community will help us build better name recognition and obtain access to new clients that have 24×7 operation staff but want commercial technical support for the software.

As an Open Source project the software will be enhanced through peer review and result in extensible high-quality code, secure design and wider industry expert participation in defining functionality & features.

About farm9

farm9 was founded as a California corporation in March of 2000 and is privately held. Farm9 has facilities located in Oakland California. farm9 is a leading provider of subscription based managed services and complementary professional services protecting our clients? critical computing infrastructure. This combined service approach allows farm9 to provide customized end-to-end security solutions to the specific requirements of Financial Services, HealthCare and Internet-driven organizations.

Gerry Patterson writes: “Occam’s Razor has become the cornerstone of post-Renaissance
scientific philosophy. The infamous razor can be applied to systems
analysis and software design, where it is usually referred to as
KISS (Keep It Simple Stupid).

KISS is an excellent design strategy for websites. KISS websites can
work, can work fast, can work with all browsers and can get listed with
the search engines. What more could you possibly want from a website? Read more at: PGTS Journal.”

Anonymous Reader writes: “Greplaw: The Norweigan “Byrett” (district court) will try the Jon Johansen DVD case on December 9, 2002. The trial was supposed to take place this summer, but the court decided to postpone the trial to find a technology savvy judge. Johansen created DVD Linux player tool DeCSS. Read the story.”

“Over the past six months, significant progress has been made in areas such as training, technical support and application availability. The same is true in the critical area of customer acceptance of Linux as an alternative to other platforms, which has been perhaps the single biggest factor blocking Linux’s move into the business market.

However, much less progress has been made in reducing Linux certification as a barrier to acceptance, with the percentage of solution providers citing this factor remaining about the same in June as in December. Vendor-neutral certifications will likely play a role in solving this problem, given the nonproprietary nature of Linux.” More at CRN.com.

“LinuxWorld Expo will feature speakers such as Sun CEO Scott McNealy, Oracle CEO Larry Ellison and Google co-founder Sergey Brin, who are scheduled to give keynote addresses. And to keep things interesting, longtime Linux basher Microsoft will have a booth at the show for the first time. With LinuxWorld’s increased visibility and high-profile speakers and attendees, observers say the show is further proof that Linux has moved from the fringe to front and center in terms of enterprise IT strategy.” More at NetworkWorldFusion.

“Just after last year’s Def Con ended, U.S. Federal Bureau of Investigation agents arrested a Russian programmer who had presented a paper at the conference on weaknesses in the encryption of Adobe Systems e-books. With that arrest, Dmitry Sklyarov became the first person to face criminal prosecution under the 1998 Digital Millennium Copyright Act, a law that is coming under increasingly heavy fire from hackers, civil rights advocates, cyber rights groups, among others.” More at InfoWorld.

LinuxSecurity Contributors writes: “This week on LinuxSecurity.com, perhaps the most interesting articles include “Computer Forensics: Detecting the Imprint,” “Filtering E-Mail with Postfix and Procmail,” “Monitor Linux routers and firewalls with MRTG,” and “Assessing Internet Security Risk.” Read more at Linux Security Week“

Anonymous Reader writes: “OSNews features screenshots on a short article regarding Red Hat’s Limbo progress, also describing what’s new since beta 1.”