Bodacion Technologies says it's done just that. It designed its HYDRA server around a number of key security measures that it claims can thwart hacker intrusions, viruses, DoS attacks, and other security threats. If Bodacion's ultrasecure Web server is all it claims, it could be the Web security solution companies have been searching for. A look at the features and technologies that make HYDRA secure may help you decide whether it could be an effective solution for your network. What is HYDRA?
HYDRA is a Web server that combines hardware and software to improve reliability and security. Instead of relying on an operating system like Windows, HYDRA is an embedded system that runs on a kernel. Bodacion compares HYDRA to the systems used in pacemakers and flight control systems and says that because the embedded software is far smaller and less complex than the operating systems running PC servers, it is much more reliable and secure. Bodacion says its best fit is in enterprises that require a high level of reliability, availability, and security. But HYDRA isn't a server appliance that performs a specialised task. It can serve a number of functions, and it comes with Java and Genesis (a small object-oriented programming language) so users can program it to run the applications they need. Given the current reliance on systems running operating systems such as Windows, Linux, and UNIX -- all of which have their own issues and vulnerabilities -- HYDRA represents an alternative to the current way of thinking and may give net admins a way to neatly avoid having to deal with OS vulnerabilities. Security measures
Two components account for HYDRA's security: a complex encryption algorithm and an embedded system approach. Bodacion offered $100,000 to anyone who could crack the algorithm. During the 60-day period the contest was held, hundreds of thousands of participants attempted to break the code, but no one was able to decipher any of the sequences generated by HYDRA's algorithm. The mathematics behind the system enables HYDRA to generate unique passwords and session IDs that are difficult, if not impossible, to guess. According to Bodacion, the characters generated by the system repeat only once in about every 100 years. The other part of the system that helps security is the lack of an OS. Because of the complexity of existing operating systems, ferreting out all of the vulnerabilities and bugs that open the systems to attack presents a huge -- almost insurmountable -- obstacle. Does anybody really believe that Microsoft will eliminate all of the bugs in Windows that make it a prime target for hackers? It sounds like a Dilbertesque approach to securing a Web server, but Bodacion's idea is simple: by removing the OS, you remove the vulnerabilities. HYDRA's embedded system is smaller and less complex and inherently easier to secure. Embedded systems are used in many common electronics, from microwave ovens to cell phones, and are considered difficult to hack. Without an OS to take control of or exploit, hackers can't break into the system. Bodacion says that because HYDRA doesn't have an OS, there's no need for antivirus software and firewalls. Not only that, the company claims that HYDRA is more secure than firewalls anyway. Hackers can launch attacks by taking advantage of the traffic allowed through a firewall, whereas HYDRA offers nothing for the hacker to break into -- eliminating the threat of intrusion. Eliminating the OS is a novel concept, and many may be slow to warm to it. After all, we've come to rely on operating systems like Windows because of their ease of use. But although Windows' user-friendly default settings simplify setup, they also leave many openings hackers can use to their advantage.