THE BLOG

StorNext labels gone? DON’T panic!

Topic

In SAN environments labels are often used to address a specific LUN, rather than using the device identifiers or numbers, to simplify the addressing of devices. Plus, a device does not have to be tied to a unique device number/id.

Losing a label due to a crash, or a defective hardware part or simply because a client overwrote the label, leaves the administrator in a quite scary und definitely uncomfortable situation. Data can’t be accessed or could even be lost.

Continue reading

StorNext performance: Allocation fill or round robin?

Topic

There are many ways to configure and optimize your file system under StorNext, and one option that makes (or can make) a difference is the allocation strategy. Which setting to use depends on your storage and the type of content you create. For the media and entertainment world we talk about unstructured data.

For the sake of this example, I create an imaginary setup with a StorNext based MDC and one 24bay RAID (dual controller) with 2 x 24bay expansion chassis. Continue reading

FibreChannel zoning template

Topic

A SAN (storage area network) provides the option of allocating resources for device load balancing and for selective data access only to certain users. This administrative setting is called Zoning and essentially allows the administrator to control who can access what data in a SAN.

Continue reading

StorNext metadata slowness

Topic

As the  SAN environment contains many moving parts from the storage subsystem, fibre channel HBA’s, SFP’s, optical wire, the FC and Ethernet switch all the way to the metadata disks and the StorNext file system from Quantum it cannot really be called trivial. Every now and then you may struggle with performance issues that might be caused by any part mentioned above.
In such a complex environment you need to have some troubleshooting skills or you will end up ripping your hair out. Although there are many parts, I am going to focus on the StorNext metadata side in this article as I have seen it a few times now and users ended up remaking the file system.

Situation

Your SAN is working as expected with a decent performance; however, suddenly you hear from your users that browsing a folder takes a loooong time. Continue reading

Shellshock Vulnerability – Bash bug

Just recently (24 September 2014) the Shellshock bug has been discovered in the Unix Bash shell which is a wide spread used shell. This is also a known bug for OS/X based systems. Especially servers reachable in the Internet could be compromised quite easily.  According to various statistics, 50% of the Internet is driven by Unix flavored systems and almost all ports like HTTP i.e. Meaning even if you do not allow access via SSH or Telnet to this server it could be compromised via HTTP and the executable interpreter underneath.

The bugs cause Bash to unintentionally execute commands when they are stored in specially crafted environment variables and compared to the SQL Slammer in 2003 (which brought the Internet down for 12 minutes) could be worse.

Robert Graham (at errata security) who has discovered the bug wrote a little test script to demonstrate the bug which convinces machines to execute the ping command.

What does the ShellShock bug could do?

An infected host (probably a web server) scans for it’s next targets (as many as he can reach) and induces them to download the exploit code and those in turn start scanning and exploiting. This could be used for a DOS (Denial Of Service) download malware or whatever the author of that script intends to do.

How can I test if my Bash shell is vulnerable or not?

You can run this simple command below which will tell you if your Bash in vulnerable or not:

env X="() { :;}; echo busted" bash -c "echo stuff"

Result: busted stuff = Bash welcomes the bug
Result: stuff = safe (for now?)

Are there patches available?

Almost all Unix flavors have a patch available which can be updated via yum, apt-get or your choice of package manager.