[Ilugc] "Secure"/"Trustable" running of command on untrusted box
Hi, I have a completely untrusted remote (sand)box (stranger has root on it). I'd like to "trigger" running a program on that box and like to get the triggered program's output from that box. My problem is in trusting the output of this program since it (or the layers above/below it) could have been tampered with by the said root user. How can I trust something coming from an untrusted box? Context: The stranger will be challenged to solve a problem on the box (say, apache fails to start, we'd like the stranger to fix it). To measure whether the stranger has solved the problem, I'd like to run something on the box (ex: ps -ef | grep apache) to validate if the end state has been achieved. However, such a naive 'ps' test can easily be cheated using a rootkit or possibly using other simpler means of reverse engineering / cheating. My current approach is to only extract part of the needed information from the box and do the validation from outside (ex: by comparing against a reference / control / ideal solution). But not all challenges will fit into this scheme (the example outlined above cannot be done this way since we'd like to actually see if such a process is running, however, for instance, I can certainly challenge a person to write a fibonacci series generating program on the machine and be able to confidently validate that program's output from this machine. In this case, the "truth" being validated is universal, whereas systems specific truth (such as whether mysqld has been configured correctly or not) can be found out only by probing the machine). Any solution that involves cryptography / signing / etc., or anything else that is out of the box will be helpful. Any tips / ideas? Regards, -Suraj -- Career Gear - Industry Driven Talent Factory http://careergear.in/ ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Hello Experts and Open source Enthusiastics
Please check the following link, you might some interesting open source solutions: http://en.wikipedia.org/wiki/List_of_free_and_open_source_eCommerce_software On Sat, Dec 1, 2012 at 10:41 PM, jaya kumar wrote: > Hai to all, > > one of my friend opened a new shop in chennai. its related to electronic > items accessories related to pc,system parts,we are planning to going to > develop a website.The website need to show system quote and details of the > todays price of the laptops and system spare parts details with their > images. we are just a startups.! so we are not able to give this project to > some one else. Dont mistake us. if we plan to learn to develop a website > these kind of website > what are all the aspects we need to learn from scratch onwards. > > we dont know the hosting, domain, sql,and any languages,how many days or > months we can took to develop these kind of website > and launch ? > > Your valuable suggestions are welcome. > > I may not be a good technical stuff in front of you people. I dont know > whether am eligible to put this question in this forum or not ? Bad > comments also welcome. > > > > Thanks and Regards > > Jaya > l > (Hundred failures may teach lesson to good destination ) > ___ > ILUGC Mailing List: > http://www.ae.iitm.ac.in/mailman/listinfo/ilugc > -- Sincerely, Ershad K http://ershadk.com ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
[Ilugc] ToD - webalizer
Tool of the Day: Webalizer The Webalizer is a GPL application that generates web pages of analysis, from access and usage logs, i.e. it is web log analysis software. It is one of the most commonly used web server administration tools. Statistics commonly reported by Webalizer include: hits; visits; referrers; the visitors' countries; and the amount of data downloaded. These statistics can be viewed graphically and presented by different time frames, such as per day, hour, or month. features: - Unlimited log file sizes and partial logs are supported, allowing logs to be rotated as often as needed, and eliminating the need to keep huge monthly files on the system - Fully supports IPv4 and IPv6 addresses. Includes built-in distributed DNS lookup capability and native Geolocation services - Is written in C to be extremely fast and highly portable - Handles standard Common logfile format (CLF) server logs, several variations of the NCSA Combined logfile format, wu-ftpd/proftpd xferlog (FTP) format logs, Squid proxy server native format, and W3C Extended log formats Home page: www.webalizer.org for Binary package and other information: http://pkgs.org/search/?keyword=webalizer regards, dhanasekar ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Hello Experts and Open source Enthusiastics
Please see below: On Sat, Dec 1, 2012 at 10:41 PM, jaya kumar wrote: > Hai to all, > > one of my friend opened a new shop in chennai. its related to electronic > items accessories related to pc,system parts,we are planning to going to > develop a website.The website need to show system quote and details of the > todays price of the laptops and system spare parts details with their > images. we are just a startups.! so we are not able to give this project to > some one else. Dont mistake us. if we plan to learn to develop a website > these kind of website > what are all the aspects we need to learn from scratch onwards. What is there to mistake? Entrepreneurship creates wealth and funnels jobs. What is wrong in that? There is only anything good with that. But one should be ethical,moral and bold in business and survive for more than 5 years. > > we dont know the hosting, domain, sql,and any languages,how many days or > months we can took to develop these kind of website > and launch ? > It will not take months. You need to pick up certain ideas like hosting, domain, web space etc. Cloud blah blah. You can get your website up and running with an Amazon instance if you prefer. They have a trial run for a year. But it may be be better to go for a hosting at around 20$ a month. And web development for your online store is not easy. You have to model your site after flipkart.com(Google or ask friends) and you will succeed. Be ready to spend around 60k INR to pay a good web developer and you are ready to go. Time taken to develop perhaps 1 month. Not sure. It depends how many items you have to sell. But I have not done all this. Only giving you a rough idea to plan your expenses and timeline. Hope this helps. May God bless you with success. -Girish ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
[Ilugc] call for articles - kaniyam December edition
friends. A long time dream is becoming true because of you all. 11 months of collaborative efforts makes the kaniyam magazine as a great asset to Tamil and free software community. let us travel to this long journey together. tons and tons of thanks to all our contributors. this is time for December edition of kaniyam. please send the articles soon so that we can release it soon. send articles in Tamil about free software to edi...@kaniyam.com thanks. ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
