Sunday, August 24, 2014

How to Validate a Server

Validate a Server can be an important task when you are going to install a commercial applications with license only for specified servers. To validate a server we have to identify unique attributes related to servers. We can find unique attributes for a server both from software and hardware levels. Hardware level validation can be more reliable than software level since software level data can be easily fraudulently changed than the hardaware level data. But your selection may dependent on your requirements.
With this post I am describing how you can validate a server with hardware information. Simply you can access to Systems' hardware informations. As an example in Linux operating systems you can execute "dmidecode" and get the system information list (you can implement an application to execute those command programmatically using any programming language).
Then you can identify unique data elements related to a server like Serial Key, UUID, MAC etc.
You have to do a strign manipulation and retrive the those required values from the System information list.
Then for the best security we can  encrypt that value and also create a hash value from it. Now, we have a pre created and authenticated hash value. When ever we need to validate the server, what we have to do is dynamically create the hash value and compare with our stored pre-validated hash value.
If the two hashes are equal then the server validation is passed. If not server validation is false.