Find the answer to your Linux question:
Results 1 to 5 of 5

Thread: DSL Security

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    DSL Security


    Ok I'm working on a small personal project in evolutionary computing, and some of the programs I am expecting to create will be potentially harmful. Because of this I have decided to set up a distro of DSL running from a pen drive as an environment, and I am using qemu to run it.

    The basic idea from my point of view is to ensure that nothing can get out of the environment and damage any computers in the surrounding environment.

    Most of the computers I will be running qemu on will be XP machines, and the code in the evolutionary programs will be written in bash, so I feel fairly safe that other machines will not be affected. Being fairly inexperienced in this field however I feel compelled to ask the experts of their opinions.

    Also I'm concerned that I am able to access the internet from the device. How would I go about blocking outgoing connections? I try to be a good netizen...

    (on a side note I have been planning to run DSL for years, as I am mainly a windows person, but feel that linux is the logical choice for some more accademic pursuits - I was genuinely shocked to have a working distro within 15 min of visiting the DSL website. Great job guys! )

  2. #2
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    I dont really get what you are going to do..?
    If you are scared that the qemu-WinXP can break if youll download a Trojan. the answer is yea it can. Or if you wonder if it can infect other Windows pcs in the network. Yea can happen.

    But well waht is your try..

    Cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

  3. #3
    Ok basically I'm trying out some pretty basic evolutionary computing, where commands are randomly generated by chance random strings, some of which will do something, and the rest are deleted. Those that do something will then have the chance to mutate and become longer and possibly more powerful. Those that are more powerful will then be carried forward, and I wish to observe those which survive.

    The problem is that since I am not directly controling the generations of programs, I cannot guaruntee that harmful programs will not manifest, seeing as the manner in which commands are generated is 99% random, with the only banned command being 'sudo' for obvious reasons.

    Because of this I wish to keep the environment contained from whatever may try to get out, in order to protect computers that may come into contact with this machine.


    Obviously I'm dumbing a lot of the concepts down because I do not know if anyone else has and interst, let alone knowledge. What I wish to know, to put it quite simply, is what I can do to stop anything from getting out, especialy with the machine having a centrino wireless card. As I understand, by running it on a virtual machine, I should be able to contain it in this way.

    Is this correct? If not, what precautions must I take? The VM does not need to access any other machines, however I obviously need to be able to get in to check on it.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    As long as the user is NOT root he cant really do anything dangerous.
    And if you'll run him from a VM he will be completely save.
    Max he can do Is spam the hell out a lot.

    But thats no problem.

    Cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

  6. #5
    thanks - guessing if I tell the firewall on the windows machine to block anything coming from qemu I can prevent that spam too?

    I try to be considerate, noone wants a computer generated jumple of incomprehensible characters spewed into their mailbox...

    Even more scary would be if it made sense....

    Might take a few years to get something resembling a spambot...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •