Eskimo North


          [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

          Eskimo...


          • To: eskimo-announce@eskimo.com
          • Subject: Eskimo...
          • From: Robert Dinse <nanook@eskimo.com>
          • Date: Fri, 25 May 2001 02:10:28 -0700 (PDT)
          • Newsgroups: lobby, announcements
          • Resent-Date: Fri, 25 May 2001 02:10:44 -0700
          • Resent-From: eskimo-announce@eskimo.com
          • Resent-Message-ID: <"lVFNF2.0.J-5.J6Y3x"@mx1>
          • Resent-Sender: eskimo-announce-request@eskimo.com

          
               Relating to a post I made a while back about what I want to do with
          Eskimo, I've had quite a few people offer to help and I will get back to you
          all but can't handle the mail volume in real-time just yet so please be
          patient.
          
               I'm going to establish a local news group and possibly a mailing list
          to facilitate communications on this topic.
          
               I intend to mostly impliment this in a combination of C, Javascript, and
          Java, although there may be some perl, shell script, and other things, but
          as much as possible in C.  Java will be necessary for some things because there
          just is no way to get a web browser to do some of the things we need except
          Java.
          
               And on that topic, one of the things I desperately need to know is how to
          create a signed Java applet.  If anybody is familiar with this process that is
          an area I can definitely use some help with.
          
               Right now I'm still chasing down hardware, etc.  My intent at this point
          is to get DSL up and the news server replaced because these are both revenue
          generating items that will help pay for other things down the road. 
          
               Then network infrastructure and hardware, so we've got the faster hardware
          in place which will make the development of the software go faster by reducing
          the compile/test/debug cycle time.
          
               At this point, DSL should be available at about the end of this month,
          the third T1 to Sprint to reduce network clog should be here around June 11th,
          though that may be delayed slightly because of a facilities assignment error.
          
               I'm still working the drive issue for the news server.  Any info on good
          places to shop for high capacity SCSI drives would be helpful. 
          
               But once the more basic physical infrastructure issues are addressed,
          there are some things that are absolutely necessary to this project, and
          they include:
          
               The ability to create signed Java Applets, we've got an old version of JDK
          (1.0) on the Eskimo shell server, and down the road at some point we'll get a
          newer version on a Linux box (newer versions not ported to SunOS).  Creating
          applets is not difficult in and of itself, but they need to be signed in order
          to access things like files, ports on servers other than the webserver, etc,
          which are things that will be necessary.
          
               Another thing I need to come up with is a secure login scheme, where
          someone can login from the web, with their login and password, and some sort of
          cryptographic cookie will be provided that will identify future accesses as
          them.  This will both need a logout function that will invalidate the cookie
          and some form of timeout. 
          
               On this end, it will also require databasing of invalid login attempts so
          that if someone tries a login say more than three times in a short period of
          time, that login is disabled for some period of time to prevent dictionary
          attacks, alternately multiple unsuccessful attempts from a common IP address in
          a short period of time should disable logins from that IP address for the same
          reason. 
          
               The cookie produced has to be something that would be very difficult to
          generate without the aid of the login program and unique to each session so
          that it can't be saved and replayed later.  It should be tied to the
          originating IP address so someone intercepting the communications can't use it. 
          
               This is so central to so many other things that it's something I'd like to
          start attacking now while the physical issues are being addressed. 
          
          
          
          

          • Prev by Date: New "High Availability" Dial Plan 'H'
          • Next by Date: New Domains
          • Prev by thread: Eskimo...
          • Next by thread: File Server Death!
          • Index(es):
            • Date
            • Thread