Tuesday, June 16, 2009

Say hello to RoboAdmin !

Hi Folks,
today I wanna present one of my research field. His name is RoboAdmin.
We have presented him in same places like for example the International Workshop on Security in Information Systems 2007 and Computer Standards & Interfaces, Elsevier. This october we will be in Network and System Security in Australia, presenting his new architecture (tanks to apache felix project )and new experiment results. I really appreciate your impression about him.

In all of the commonly adopted system administration schemes, a service runs on the target system, either providing a remote view of the locally available administration tools (e.g: remote terminal, remote desktop), or implementing a back-end for the execution of complex commands received through a corresponding front-end (e.g.: web-based administration interfaces).
The service usually exposes a single access point, which is the obvious target of attacks like DoS or brute-force authentication attempts. Limiting the impact of these attacks can be difficult: usually, the more effective any proactive measure gets, the higher the risk of lock-out even for legitimate administrators (and the greater the complexity of the access interface). RoboAdmin aims at solving this problems by reversing the connection giving access to the server. An administration engine replaces the classical service, originating connections to an intermediate system rather than listening for connections. The immediate advantage arising from this design choice is that there is nothing to attack on the remote host.
The intermediate system should act as a meeting place between the system and its administrator. For this reason, the obvious choice is to exploit the widely available instant-messaging systems as the communication infrastructure. A RoboAdmin installation sends one or more agents on predetermined IRC channels (or, in the future, any other platform) where the administrator can meet it, authenticate him/herself, and start interacting as he/she were chatting with the server. Of course there is the need for taking care of many implementation details for making the system really practical and secure: stay tuned for a more comprehensive documentation and to-do list in the near future!

You can download him here, also new sources are available. The following example refers to a two-year old prototype, we actually have no video examples, but we're working on it.

I tend to represent RoboAdmin as human (by using him/her and so on...),btw I know that's wrong....

No comments: