Exocomm Technologies
Exocomm Technologies
Don't have an account? Register now!

Exocomm Linux Operating System (EOS)

The OS Exocomm OS is a complete Linux-based operating system that has been purpose-built to meet the needs of Exocomm clients. The Exocomm Operating System is a fusion of both open-source and proprietary software, designed to provide a secure, high-performance common platform suitable for mission-critical requirements.

We're pretty unique in that we can offer a "full stack" solution (rather than being stuck with specific platform vendors like Apple or Microsoft), enabling our customers to build any application they can dream of -- you pick the device, we'll handle the entire software stack. From tiny "Internet of Things" sensor nodes to enterprise storage and information security applications, we've got the whole stack for it, right here. We're big fans of open-source software. The Exocomm OS powers firewalls, compute nodes, routers, video displays, infrastructure servers and many other applications.

Exocomm's ongoing role in maintaining the Operating System includes:

  • auditing of all system configuration files such as password, protocol and service lists to reduce system complexity and mitigate potential vectors for unauthorized use of services
  • elimination of any software packages not necessary for delivery of product services, to produce an "embeddable" operating system with a small footprint
  • development of an automated testing framework suitable for performance, build verification (BVT) and remote integrity checks
  • isolation of privileged functions from non-privileged (end-user) services, including the use of "jail" environments
  • evaluation and cross-product unification of the tool-chain utilized in product development, including compilers, revision control systems and debugging utilities
  • evaluation and implementation of third-party auditing tools such as StackGuard, Valgrind and dmalloc, designed to defeat common remotely-exploitable error conditions including buffer overflows, memory leaks, resource exhaustion (Denial of Service) and privilege escalation
  • implementation of long-term plans to identify security-oriented audit policies, and plan work towards compliance with these policies
  • architecture-specific builds which allow our software to leverage the unique features of our hardware components, for example multi-core hyper-threading technology for high-performance enterprise variants versus energy-efficient, ultra-reliable processors
  • optimization of the TCP/IP stack and memory-management components for DNS and DHCP services
  • development of a fully automated build system capable of compiling and packaging both proprietary and third-party code
  • protection of Exocomm intellectual property via run-time encryption algorithms
  • evaluation and enforcement of a unified filesystem ACL (Access Control List) and storage quotas, to mitigate the risk of unauthorized access or software component failure
  • creation of a universal installation/recovery media package, suitable for delivery to end-users on CD, USB key or portable hard disc
  • introduction of HA (High Availability) modes of operation including redundant fail-over (FO), load balancing (LB) and multi-node clustering
  • creation of a common control API allowing common OS-level functions to be called by proprietary product code; for example adjusting firewall access control policies, starting/stopping service daemons, or rebooting the system
  • unification of system event/error logs into a single human-readable file, to support rapid diagnostics and end-user device management
  • placing responsible developers in direct contact with third-party software vendors, in order to foster a mutually beneficial relationship in which software vulnerabilities and performance data are communicated rapidly and accurately
  • elimination of dependencies which could prevent or delay the future porting of our products to other operating systems or hypervisors, including RTOS (Real-Time Operating System) and virtualized environments
  • complete and automatic auditing of software component licensing and copyright requirements
  • streamlining of software installation, recovery, update and patch processes, eliminating the role of the end-user in maintaining highly complex and interdependent software modules and providing the ability to respond more rapidly to emerging security risks
  • implementation of unified system monitoring functionality, supporting both real-time and polling checks within Exocomm, to detect potentially catastrophic conditions such as storage component failure, ACL (Access Control List) violation attempts and process crashes
  • formal implementation of the "agile" software development methodology
  • optimization of file-system (FS) components for fault-tolerance and high efficiency

Download the Exocomm OS ISO (exocomm-os.x86-generic.iso) and burn it to a DVD or USB storage device.

When the Exocomm OS boots up, you can select one of several modes from the menu.

automatic installation

For cloud-based installations, the entire installation and configuration process will occur automatically. This requires a licensed copy of the Exocomm OS. When this mode is used, all of your basic configuration options are burned in to your installation image no user input is required.

interactive installation

After booting your Exocomm OS media, select the interactive installation menu option to install the Exocomm Linux Operating System. This allows you to enter basic setup information from the console. Interactive installation mode is always available on licensed or generic media. If you have a licensed image, the automatic installation mode can be used to install your device without entering any configuration information.

We've designed the installation process to be fast and easy. Most machines should take no more than a few minutes to install.

During installation, the primary storage device (generally the SDA SCSI device, or primary flash chip) will be securely erased. Nothing from the previous operating system will remain. This ensures no artifacts from a previous operating system remain on the storage medium (for example, sensitive data from a previous installation). The process also ensures the storage device is working correctly (that there are no bad blocks on the device). This pre-allocation of storage blocks also tends to improve performance in some virtualization environments, because the machine is more likely to allocate a contiguous set of blocks, rather than scattering them around different discs or regions of the disc).

This operation can take some time, since every block on the storage device is written but by doing this, the installer ensures that the node is clean no sensitive data remains from previous installations, and that the storage device is in perfect working condition. Its far better to discover a faulty hard drive or flash chip at installation time than to find out weeks later when the machine is in service.

WARNING : Please be careful! Make sure you are installing the right image on the right machine! All existing data on the computer will be erased. It is not possible to recover any data from the computer after this operation! Back up all data before booting the Exocomm OS installer!

Enter the host name for your machine.

Enter your desired root password.

Select the type of link (ethernet or wifi) you wish to use for your default gateway.

Select the address allocation mode for your default network gateway.

If using a static address, enter the IP address, netmask, gateway and DNS server information.

Now that you've entered basic configuration information, the installation begins.

You're done! Remove your installation media and press ENTER to boot up your device.

text mode

Select the "text" option to start the Exocomm OS.

diagnostic mode

The hardware diagnostic mode will test the machines RAM and storage devices. This operation is destructive!

forensics / recovery mode

The forensic boot mode is designed for the extraction or recovery of data from a running machine. Its useful for forensic work, for data recovery for debugging of kernel crashes. This mode will permit the capture of raw memory (for example, to recover a key or other evidence from a running machine). The kernel will use only 64 MB of memory; thus there is a risk that some data will be overwritten by the running kernel, but in most cases this is sufficient to recover most or all of the desired data from a running machines memory or hard discs.

When booted in this mode, no storage will be touched, no network devices are available, and only a small amount of RAM will be tainted. However, you can attach USB-based storage devices on which to store recovered data. You must mount the storage and perform the recovery procedure manually.

accessing the memory of a warm-booted machine

Weve had some customer requests to allow forensic examination of a systems RAM (a malicious employee had encrypted the filesystem, locked the workstation and left, customer needed the encryption key from memory to access critical company data). The Exocomm OS supports this, but it is important to realize that some memory will be tainted during the boot process. To access the machines memory, you must insert the fmem module :
Module: insmod fmem.ko a1=0xc104d530 : OK
Device: /dev/fmem
----Memory areas: -----
reg00: base=0x07d000000 ( 2000MB), size=   16MB, count=1: uncachable
reg01: base=0x07e000000 ( 2016MB), size=   32MB, count=1: uncachable
reg02: base=0x000000000 (    0MB), size= 2048MB, count=1: write-back
reg03: base=0x079e00000 ( 1950MB), size=    2MB, count=1: uncachable
reg04: base=0x0d0000000 ( 3328MB), size=  256MB, count=1: 

recovering data from a failed storage device

The Exocomm OS provides a number of tools for data recovery. The diagnostic boot mode can be used to identify problem devices, and the recovery mode can be used to fix things. Here are some general suggestions for using the Exocomm OS in a data recovery situation.

First, examine a SMART report for the failed device. This information can be useful, but is not absolutely definitive the device may still die even if SMART reports that everything is okay! SMART can tell us how long the storage device has been in service, how many power on/off cycles it has endured, the highest operating temperature it has sustained, and so on. Based on MTBF and other parameters, SMART can give you some indication as to when the device can be expected to fail in the future. If the device cannot be seen at this point, you probably have a hardware failure.

Next conduct a read-only, block-level test of the device (preferably a copy, to a rescue storage device such as a portable USB hard disc). If this succeeds, your storage device is healthy. You can then optionally conduct a write test as well. If this also succeeds, your device is fully functional at the block level. If this test/copy fails, youve got problems such as a worn-out flash disc or damaged media. Use the ddrescue tool to run a block-level copy which will tolerate these read errors, making a copy to a rescue media. You then have a block-for-block copy of the failing device, minus any blocks which could not be read (these blocks will be forever lost).

Once you have rescued the block-level filesystem image, try and mount the image. If the image does not contain the data you expect (it has been reformatted or otherwise damaged), use the testdisk tool to search for partitions. If appropriate, recover the partition table on the device, then extract files of interest from those partitions (by mounting the appropriate partitions).

If no partition tables / filesystems are found, your filesystem is very seriously damaged. Your last resort is to run a signiture-based restoration using the photorec tool. This will recover the undamaged files from the damaged filesystem, but you will lose all filesystem metadata in the process this includes the file names, directory structure, timestamps and so on!

You can then perform specific recovery tasks on the restored files. It is unrealistic to rebuild an entire filesystem from these recovered files in most cases at this point you will probably need to target specific critical data for recovery; for example if you have a MySQL database, you may be able to extract table data from recovered MYI files.

Once your filesystem has been restored, use the fsck tool on an ongoing basis to monitor its integrity.

Terms of Service
contact Exocomm
Exocomm software
Exocomm Technologies | (647) 812-7850 | Toronto, Ontario, Canada
Copyright 1992-2020 by Exocomm Technologies. All rights reserved.