| Read the Digest in
PDF.
You need the free
Adobe
Reader.
| ||||||
Thanks to This Month's Availability Digest Sponsor
| ||||||
|
In this issue:
Shellshock - The Bash Vulnerability 2014 HP NonStop Technical Boot Camp
Browse through our useful links. See our article archive for complete articles. Sign up for your free subscription. Visit our Continuous Availability Forum. Check out our seminars. Check out our writing services. |
Availability Digest to Present at the HP NonStop Technical Boot Camp Every year, Connect, the Independent HP Business Technology Community, sponsors the NonStop Technical Boot Camp to bring the latest technologies for these systems to Connect’s members. The NonStop Boot Camp is scheduled to take place from Sunday, November 16th, through Wednesday, November 19th at the Hayes Mansion in San Jose, California, U.S.A. This year celebrates forty years of NonStop. I am scheduled to speak at the Boot Camp. My presentation is entitled “How Does Failover Affect Your SLA?” NonStop servers typically have availabilities of four 9s. Consider a requirement for a new critical application that will require an availability of six 9s. Availability theory tells us that if you add a backup system, you will double your nines. Therefore, in our four-9s example, adding a backup system will provide eight 9s of availability. However, this simple rule assumes zero failover time and absolutely reliable failover. What impact do failover times and failover faults have on redundant system reliability? They could prevent our redundant system from meeting its availability requirement. I explain how to take into account these factors and possible ways to minimize or even eliminate both. More details about the NonStop Boot Camp are available on Connect’s web site at www.connect-community.org. Dr. Bill Highleyman, Managing Editor | |||||
|
Never AgainShellshock – The Bash Vulnerability
A bug in the popular Bash shell was discovered at the end of September, 2014. Dubbed ‘Shellshock,’ the flaw has led to a code-injection vulnerability for applications running under Linux and Unix operating systems that use Bash as the shell.
Bash is a commonly used command interpreter for Unix and Linux systems. Bash has been distributed widely as the shell for the GNU operating system and as a default shell for Linux and Apple’s Mac OS X.
Bash uses Common Gateway Interface (CGI) scripts to generate dynamic content for web pages and web applications. The Bash vulnerability is caused by Bash’s handling of environmental variables in CGI scripts. When the script assigns a function to a CGI variable, not only is the specified function executed, but any malicious trailing code in the function definition also will be executed. Bash takes no precautions to protect against trailing code. This opens the door for code injection attacks. Shellshock is still too new to know if it will live up to analysts’ fears. However, there is already proof-of-concept code on the Internet for exploiting Bash using CGI scripts to run code with the same privileges as the web server. --more--
2014 HP NonStop Technical Boot Camp
It’s that time again for the premier HP NonStop conference. Hosted by Connect, the Independent HP Business Technology Community, the 2014 HP NonStop Technical Boot Camp will be held from Sunday, November 16th, through Wednesday, November 19th, at the Hayes Mansion in San Jose, California, U.S.A.
For those current users of NonStop systems, for those considering NonStop systems, and for those who are just curious about these systems, the NonStop Boot Camp provides a forum for you to mingle with and to learn from HP NonStop developers, users, and third-party partners. Last year’s Boot Camp attracted several hundred attendees from all over the world. This year’s Boot Camp promises to be substantially larger. Over fifty sessions are scheduled as part of the four-day Sunday to Wednesday event.
Of particular interest this year will be information on HP’s port of the NonStop operating system to HP’s x86 blades. NonStop soon will be able to run in either an x86 environment or in an Itanium environment. The registration fee for the Boot Camp is $1,295. Connect has arranged for a variety of travel discounts to the conference. For instance, 10% discounts are available for flights on American Airlines and Delta. --more--
HP NonStop for Dummies
Finally! A Dummies book for HP NonStop systems is here. “HP NonStop for Dummies” is a high-level but educational view of all things that make NonStop servers nonstop. NonStop servers recover automatically from any single fault and even from multiple unrelated faults. Consequently, these self-healing systems experience uptimes measured in years.
The NonStop hardware and software architectures that lead to this level of availability are described in the book, followed by the ease with which applications can be developed for NonStop systems. The ability to integrate these systems with other enterprise systems is an important attribute, and integration capabilities are summarized. Finally, a list of further references is given.
The book is for those considering NonStop systems for their mission critical applications, for those users new to the system, for those responsible for managing or operating NonStop systems, and even as enjoyable reading for those experts in NonStop systems. This brief summary of “HP NonStop for Dummies” captures only a high-level overview of the information contained in the 44-page book. The full book is a quick and easy read and is recommended for anyone with an interest in NonStop systems and the technology that allows them to implement their highly unusual capabilities. --more--
Repair Strategies
Mission-critical applications are typically protected by providing one or more backup systems to take over processing should the production system fail. The application is deemed to be down if its services are unavailable to its users. We explore in this article one of the factors that determines application downtime – the repair capabilities of the organization.
We consider sequential repair if there is only one repair team and parallel repair if there are multiple repair teams. The cases of a production system with a single backup system, a multinode system with one spare, and a multinode system with multiple spares are analyzed. The repair strategy used by an enterprise can have a significant effect on application downtime. Especially in the case of a production/backup pair, it is important to have two repair teams so that the recovery of a dual-node failure can be executed in parallel. This simple technique will cut application downtime in half. --more--
@availabilitydig – The Twitter Feed of Outages
A challenge every issue for the Availability Digest is to determine which of the many availability topics out there win coveted status as Digest articles. We always regret not focusing our attention on the topics we bypass.
Now with our Twitter presence, we don’t have to feel guilty. This article highlights some of the @availabilitydig tweets that made headlines in recent days. --more--
Sign up for your free subscription at https://availabilitydigest.com/signups.htm
Would You Like to Sign Up for the Free Digest by Fax?
Simply print out the following form, fill it in, and fax it to: Availability Digest +1 908 459 5543
| ||||||
|
The Availability Digest is published monthly. It may be distributed freely. Please pass it on to an associate. Managing Editor - Dr. Bill Highleyman editor@availabilitydigest.com. © 2014 Sombers Associates, Inc., and W. H. Highleyman | ||||||
