I’m looking to offer potential customers a free trial of a product by way of offering a VM for download.
However we could like to control the licensing/trial by remote disk encryption/decryption.
Basically I'm looking for a way to get an full disk encrypted VM to make a call to remote host and check if the license is still valid and then pass it a decryption key.
So question is, has anyone heard/seen/done this? Is it possible?
Thanks in advance for any response.
red_brick
Consider the Risk associated:
Users download the trial VM.
You decrypt within trial period.
Some Users will copy the files and won't buy the product.
Related
I have big access log (~30Gb) and I'm looking for ways for find suspicious/bot IP addresses. Of course, we can replace IP with (IP + User_Agent). So my questions are:
find average requests number that are done from any IP
find IP addresses that are making more requests than average (see previous point)
find IP addresses that are doing requests regulary (every hour for example) during day
you recommendations about how to detect bot
This log is rather big and I don't think that R lang could process it. Should I use some kind of storage behind R (hadoop or something similar)? I absolutely have no experience in processing/analyzing big data so any ideas, recommedations & tuts/articles are appreciated.
The access log probably contains a lot of data which you may not need based on your question, if you only care about the time of the request and the orginating IP you could easily reduce the data size by extracting "columns" from the input before reading it into R, some standard command line tools such as cut or awk should do the trick.
If you want to keep more details another option could be to load the access log into a database and use this for further processing, 30GB is not a lot for a database, but of course this means some additional work: design a datbase schema and a way to load the data in the database.
You can also do the following type of analysis
Getting the geo location of IP addresses and comparing access frequency based on geo_location + time at geo_location (the access frequency could be normal during day time at the geo location but not after midnight)
If you have username information, check whether multiple IP addresses are using the same username during same time period
WSO2 has done some Anomaly Detection work using their Analytics Platform which is pretty scalable for most anomaly detection scenarios. Check it out - http://wso2.com/analytics/solutions/fraud-and-anomaly-detection-solution/
This might be a better option than doing through R, since it allows you to do complex event processing (through SQL like queries) as well as machine learning.
You can also do the following type of analysis
a) If the IP address is from data center range, it is likely from a bot than normal user.
b) If the IP address is from search engine range, it is high likely from a search engine bot.
You can get the geolocation database from IP2Location which has the usage type information to detect data center or search engine.
Check goaccess.io - works for me. With logs for different websites, distributed on several servers. Allows usage of GEOiP and identifies bots out of the box.
Check out https://ipdetective.io it tracks IP addresses that originate from datacenters, vpns, proxies, tor node and bot nets. It offers a free API as well so you can test it out.
In relation to my earlier similar SO question , I tried using snow/snowfall on AWS for parallel computing.
What I did was:
In the sfInit() function, I provided the public DNS to socketHosts parameter like so
sfInit(parallel=TRUE,socketHosts =list("ec2-00-00-00-000.compute-1.amazonaws.com"))
The error returned was Permission denied (publickey)
I then followed the instructions (I presume correctly!) on http://www.imbi.uni-freiburg.de/parallel/ in the 'Passwordless Secure Shell (SSH) login' section
I just cat the contents of the .pem file that I created on AWS into the ~/.ssh/authorized_keys of the AWS instance I want to connect to from my master AWS instance and for the master AWS instance as well
Is there anything I am missing out ?
I would be very grateful if users can share their experiences in the use of snow on AWS.
Thank you very much for your suggestions.
UPDATE:
I just wanted to update the solution I found to my specific problem:
I used StarCluster to setup my AWS cluster : StarCluster
Installed package snowfall on all the nodes of the cluster
From the master node issued the following commands
hostslist <- list("ec2-xxx-xx-xxx-xxx.compute-1.amazonaws.com","ec2-xx-xx-xxx-xxx.compute-1.amazonaws.com")
sfInit(parallel=TRUE, cpus=2, type="SOCK",socketHosts=hostslist)
l <- sfLapply(1:2,function(x)system("ifconfig",intern=T))
lapply(l,function(x)x[2])
sfStop()
The ip information confirmed that the AWS nodes were being utilized
Looks not that bad but the pem file is wrong. But it is sometimes not that simple and many people have to fight with this issues. A lot of tips you can find in this post:
https://forums.aws.amazon.com/message.jspa?messageID=241341
Or check google for other posts.
From my experience most people have problems in these steps:
Can you log onto the machines via ssh? (ssh ec2-00-00-00-000.compute-1.amazonaws.com). Try to use the public DNS, not the public IP to connect.
You should check your "Security groups" in AWS if the 22 port is open for all machines!
If you plan to start more than 10 worker machines you should work on a MPI installation on your machines (much better performance!)
Markus from cloudnumbers.com :-)
I believe #Anatoliy is correct: you're using an X.509 certificate. For the precise steps to take to add the SSH keys, look at the "Types of credentials" section of the EC2 Starters Guide.
To upload your own SSH keys, take a look at this page from Alestic.
It is a little confusing at first, but you'll want to keep clear which are your access keys, your certificates, and your key pairs, which may appear in text files with DSA or RSA.
My church has a management software that we would like to have several people access at the same time but over the internet. We have a website but it is hosted by another company. Is it possible to create a hyperlink on our website to access this program on our office computer? The hyperlink would be setup so that it is not visible to those who don't have access to the program. We have tried several remote access program such as TeamView and Go2MyPC. These give access to the entire computer and that is not something we want either. If we can't do the hyperlink is it possible for us to turn this computer into a server and access it that way> Again the focus is for at least 5 people to be able to use this software at the same time should that need arise.
Our church management software is designed to be run on a network. We have already setup the user IDs and passwords for the group who currently have access to the it. The problem is that we only have one office computer and all of or group can't use it at one time because the each have access to different parts. I.e. Treasurer can only acces financial module, clerk can only access membership roster and so on. The goal is to find the path of least resistance that will allow as many of these people to access this software at the same time as possible remotely. I understand the security issues so to that I ask if anyone thinks we should get another computer to make into a server or turn this on we have into one.
Is there an advantage to hosting our own website on our machine where the management software is already located?
You actually have three different problems:
You are trying to use a "nonserver machine" as a server. I assume it doesn't have a static IP address; a static hyperlink will fail. Since you have a web site, you can set up your Management Software Server (for lack of a better name) to check in with your web site server, which will hold the latest IP address for your MSS. Your users can then check in with the web server and then connect to your MSS.
You are trying to keep most people out, but some people in. You need an authentication scheme. This usually means a login name and password, and a secure way to transmit it. SSL is probably what you want to look at. You'll need a SSL certificate (you can make your own), and a client program (web browsers work) that can make SSL connections.
You are trying to allow your users to do only some things, but not others. You need an authorization scheme. This is provided by the server application, such as the Windows Remote Desktop. Without knowing how much granularity you need, it's hard to say exactly what you need.
#bdares hit a bunch of your issues right on the head...
And then some... As a church, sounds of funding already ringing that they won't have that type of funding to handle... especially opening up a channel to the church management and possible accounting. Even if offering your own SSL certificate, getting hacked is getting easier and easier. If its a low budget operation with financial data readily easy for the taking, I'd hate to see a church (or any other legitimate non-profit organization) get messed up.
There are a lot of security issues to deal with and you can NOT take it lightly.
I would like to know if there's an open source application that can:
-Being open-source (obviously free, no cost at all)
-Check which ports are being used and check the bandwith used by each of them.
-Based on requirements above create a weekly report. With details of each prt per day and time specifications.
I have read about Ethereal for the Network Monitoring and JasperReports for the Report-creation-stage, but haven't gone much on details yet..
If my specifications cannot be met with a free app then I would like to say that I could work with Java to check which ports are being used, but I still don't know if Java could handle ALL the requirements... please, I would really like to have an answer for that.. Because I could start working on it right now but I want to be sure Java can have everything covered.
PD: If Java can't be a solution what would you suggest?
suggestions for you:
Colasoft Capsa Free: http://www.colasoft.com
Spiceworks: new user, cannot give link.
Or google: free traffic monitor
Is there a way to store values on client side permanently?
I have a site, flash game (the game is not developed by me, of course), after you registered, it will recognize you even after u close browser, clear cache and cookies, and even restart computer and modem. Where do they store the values? Why the flash game can recognize me after few days?
After research in google, I still cant get the answer. My guess is, is it stored in my computer RAM? How could it possible? If my guess is true, how do we store values in RAM??
FYI:
The flash game is created in : AS3
RAM is not perisistent with reboots. So its not possible to remember anything stored in RAM even after a single reboot. I have read about something called "Local Shared Objects" which are a bit more than the normal ones. Clearing normal caches/cookies wont clear them away.
It's probably stored on the server, and the client is recognised by IP address and maybe also browser id string.
Maybe it's a Flash Cookie?
Can't store in RAM if you're saying that it remembers you after reboot.
Your modem have an IP and also another ID which can be in this form:
c9067688.static.spo.virtua.com.br
Maybe it's taking this ID...
the game recognizes you only after logging in to the site or just open the url..??
if it recognizes you after login, then its probably stored it in a server.