Building Sentry Systems
From: Hal Flynn (flynn_at_securityfocus.com)
Date: Tue, 9 Sep 2003 07:17:09 -0600 (MDT) To: firstname.lastname@example.org
So, while on holidays in Phoenix, I drove up to Las Vegas to see a friend
that had relocated there sometime ago. If you've never driven the road
between Phoenix and Las Vegas, it's full of twists, turns, and nothing.
Given the opportunity to collect my thoughts in such an environment, I
started contemplating something another friend and I had discussed around
a year ago. One of the biggest limitations I've been able to identify in
storage systems is the ability to ensure the integrity of files.
A couple years ago when I took the Veritas Cluster Server course, I
learned that one of the by-products of using cluster technology is the
occurrence of split-brain, where two systems begin functioning on the same
cabinet of drives, thus accessing the same disks while carrying out
potentially different operations.
You probably see where I'm going with this, but what I started thinking
about is creating a self-contained system that functions independent of
the cluster, and has access to all drives in the cabinet. The system
stores integrity information locally, and acts as an audit host to monitor
the integrity of files within the storage cabinet.
Is anybody familiar with any research in this area? Has anybody
experimented with anything like this? I don't have access to any large
cabinets to tinker with these days, so I don't have the ability to play
with this on my own. I'd be interested in hearing about other similar
research and experimentation.