Comments (4)
This attack container should consist of two binaries so far:
This should also fix issue #74, unless we decide to have an instrumented version of logs, without proper parsing.
from ecommerce-workshop.
The attack container will also at some point after spin up need to do the following using a bash script. Use a leaked ssh-key ( bootstrapped with the environment ) in order to sign into one system running sshd and plant a new authorized_key. Then after some time wipe /var/log/secure log and zero out the unallocated space on the disk ( 10MB lets say ) using sudo dd if=/dev/zero of=tempfile bs=1m count=10
. This will probably require adding sshd, an unprivileged user, sudo, and the dd binary to a system in the infrastructure.
from ecommerce-workshop.
The attack container will also at some point after spin up need to do the following using a bash script. Use a leaked ssh-key ( bootstrapped with the environment ) in order to sign into one system running sshd and plant a new authorized_key. Then after some time wipe /var/log/secure log and zero out the unallocated space on the disk ( 10MB lets say ) using
sudo dd if=/dev/zero of=tempfile bs=1m count=10
. This will probably require adding sshd, an unprivileged user, sudo, and the dd binary to a system in the infrastructure.
So this container needs to access another one in the cluster? Trying to figure out some implementation details here. The automation part sounds like a challenge given the ways we can deploy this system. My guess is we have to aim for docker-compose as the deploy/trigger mechanism since it'll be in Katacoda yes?
from ecommerce-workshop.
I think we can close this, @andrewkrug ?
from ecommerce-workshop.
Related Issues (20)
- Discount codes should work HOT 3
- Tracer contexts are not working in logs
- update logging configuration in store-frontend so that Ruby intergration pipeline can be used as is HOT 5
- ARM build support
- discounts-service or discounts in the k8s yaml files HOT 1
- RUM config `env` value should come from environment var HOT 1
- Auto-generate RUM data HOT 5
- Problems building store-frontend-broken-no-instrumentation HOT 1
- Expose and increase Shopping Cart functionality
- Getting NoMethodError after deployment using generic-k8s method HOT 1
- RUM not working HOT 2
- Hardcoded agent on localhost in advertisements and discounts HOT 3
- Make ads and discounts services XHR compatible HOT 1
- Add to cart does not work in embedded synthetic browser test recorder HOT 2
- Update ddtrace in discounts and ads services to latest
- Update ddtrace Gem in storefornt to lates tversion
- Unable to export profile: ddtrace.profiling.exporter.ExportError: HTTP Error 403
- ECS example: Error loading the 'postgresql' Active Record adapter HOT 1
- Unable to deploy storedog Application HOT 4
- Unable to deploy Store Fronted Application
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ecommerce-workshop.