Rackspace Releases Knark Antidote to Linux Community

World's Largest Linux Web Hoster Develops 'Alamo' to Battle Deadly Cracker

Weapon



Apr 04, 2001, 01:00 ET from Rackspace Managed Hosting

    SAN ANTONIO, April 4 /PRNewswire/ -- Rackspace Managed Hosting, a leading
 provider of managed Internet hosting services, today announced the release of
 "Alamo," a solution to Knark, which is a lethal weapon in the Linux computer
 hacker's arsenal.
     Knark is a type of cracking weapon often referred to as a Trojan horse --
 a program that hides malicious or harmful code inside seemingly harmless data.
 Knark is used by hackers to cover their tracks, making it virtually impossible
 to detect any kind of malicious activity until it is too late.  After
 infiltrating the server, a hacker can insert Knark into the deepest level of
 the Linux operating system and use it to shoot down any attempts at discovery.
     As Knark is virtually undetectable while a computer is running, the
 problem poses a serious threat to computer security, particularly for servers
 that need to be up and running constantly.  The only way to detect whether or
 not Knark is being used is to take the system offline and perform an "autopsy"
 on the drive.  If the system is mission-critical, however, taking a server
 down may not be a viable option.
     Rackspace, which currently manages more than 3,000 customers' servers and
 over 2,000 Linux Servers in its Texas data center, is concerned about the
 problem and has decided to release a solution to the Linux open source
 community for further development.  The solution, called "Alamo," cleverly
 uses some of Knark's tricks against it.  Once applied to a system or server,
 Alamo reveals all of the files that Knark has "hidden," enabling the system
 administrator to determine whether or not the system has been compromised.
     Although the first to admit that his solution is only a partial one, the
 Rackspace employee who developed the code explained that there still is no
 reliable way to detect Knark.
     "Alamo can level the playing field a little and give the system
 administrator a chance to look around the system without taking a
 mission-critical server offline," said Kelley Spoon, a Linux system developer
 for Rackspace.
     "We support a number of operating systems at Rackspace, but the majority
 of our customers have Linux servers, which are vulnerable to Knark attacks,"
 said Richard Yoo, chief technology officer of Rackspace.  "As the largest
 managed server provider for Linux, we believe it is our duty to release the
 source code for Alamo so we can work with the open source community to develop
 a complete solution to this problem."
     Alamo source code can be downloaded at no cost from the Rackspace Web site
 at http://www.rackspace.com/alamo.
 
     About Rackspace Managed Hosting
     Rackspace Managed Hosting provides its customers with full-service hosting
 solutions, including state-of-the-art data centers, customized Internet
 servers, burstable connectivity, server software and 24 x 7 expert management.
 With Rackspace's SmoothScaling capabilities, Web developers, e-businesses and
 application service providers can add bandwidth or server capacity on demand.
 Monthly fees range from $300 to $50,000 per month, depending on the complexity
 of the server architecture.  The company, which was founded in 1998, has
 locations in Texas and London and currently manages more than 3,100 servers
 for customers in more than 40 countries.  Rackspace was recently named the Top
 Dedicated Server Company in Web Server List's Hosting Awards and voted the Top
 Dedicated Server Host by WebHostMagazine.com.  For more information, visit
 www.rackspace.com, or call 800-961-2888.
 
      For more information, please contact:
      Lew Moorman                  or     Elizabeth Anderson
      Rackspace Managed Hosting           Springbok Technologies, Inc.
      (210) 892-4000                      (972) 480-9458, x172
      lmoorman@rackspace.com              eanderson@springbok.com
 
 

SOURCE Rackspace Managed Hosting
    SAN ANTONIO, April 4 /PRNewswire/ -- Rackspace Managed Hosting, a leading
 provider of managed Internet hosting services, today announced the release of
 "Alamo," a solution to Knark, which is a lethal weapon in the Linux computer
 hacker's arsenal.
     Knark is a type of cracking weapon often referred to as a Trojan horse --
 a program that hides malicious or harmful code inside seemingly harmless data.
 Knark is used by hackers to cover their tracks, making it virtually impossible
 to detect any kind of malicious activity until it is too late.  After
 infiltrating the server, a hacker can insert Knark into the deepest level of
 the Linux operating system and use it to shoot down any attempts at discovery.
     As Knark is virtually undetectable while a computer is running, the
 problem poses a serious threat to computer security, particularly for servers
 that need to be up and running constantly.  The only way to detect whether or
 not Knark is being used is to take the system offline and perform an "autopsy"
 on the drive.  If the system is mission-critical, however, taking a server
 down may not be a viable option.
     Rackspace, which currently manages more than 3,000 customers' servers and
 over 2,000 Linux Servers in its Texas data center, is concerned about the
 problem and has decided to release a solution to the Linux open source
 community for further development.  The solution, called "Alamo," cleverly
 uses some of Knark's tricks against it.  Once applied to a system or server,
 Alamo reveals all of the files that Knark has "hidden," enabling the system
 administrator to determine whether or not the system has been compromised.
     Although the first to admit that his solution is only a partial one, the
 Rackspace employee who developed the code explained that there still is no
 reliable way to detect Knark.
     "Alamo can level the playing field a little and give the system
 administrator a chance to look around the system without taking a
 mission-critical server offline," said Kelley Spoon, a Linux system developer
 for Rackspace.
     "We support a number of operating systems at Rackspace, but the majority
 of our customers have Linux servers, which are vulnerable to Knark attacks,"
 said Richard Yoo, chief technology officer of Rackspace.  "As the largest
 managed server provider for Linux, we believe it is our duty to release the
 source code for Alamo so we can work with the open source community to develop
 a complete solution to this problem."
     Alamo source code can be downloaded at no cost from the Rackspace Web site
 at http://www.rackspace.com/alamo.
 
     About Rackspace Managed Hosting
     Rackspace Managed Hosting provides its customers with full-service hosting
 solutions, including state-of-the-art data centers, customized Internet
 servers, burstable connectivity, server software and 24 x 7 expert management.
 With Rackspace's SmoothScaling capabilities, Web developers, e-businesses and
 application service providers can add bandwidth or server capacity on demand.
 Monthly fees range from $300 to $50,000 per month, depending on the complexity
 of the server architecture.  The company, which was founded in 1998, has
 locations in Texas and London and currently manages more than 3,100 servers
 for customers in more than 40 countries.  Rackspace was recently named the Top
 Dedicated Server Company in Web Server List's Hosting Awards and voted the Top
 Dedicated Server Host by WebHostMagazine.com.  For more information, visit
 www.rackspace.com, or call 800-961-2888.
 
      For more information, please contact:
      Lew Moorman                  or     Elizabeth Anderson
      Rackspace Managed Hosting           Springbok Technologies, Inc.
      (210) 892-4000                      (972) 480-9458, x172
      lmoorman@rackspace.com              eanderson@springbok.com
 
 SOURCE  Rackspace Managed Hosting