Rob Blackwell home projects resumé archive

Poking around in Windows Azure

09 February 2009

Now that I have my first app running in the real Windows Azure cloud, and that app is a scripting engine, I wonder what I can discover about the underlying platform?

Running this:
(reference "System.Net") (using "System.Net")

(let ip (first (.AddressList (Dns.GetHostByName (Dns.GetHostName))))
(prn ip)
(prn (.HostName (Dns.GetHostByAddress ip))))

We get
10.113.121.84 RD00155D302603.reddog.microsoft.com
The IP Address is a private IP address. So, as you might expect, there is network address translation going on. The hostname reveals the Red Dog name which was the code name for the project prior to PDC.

If we ping lsharp.cloudapp.net we get
70.37.9.89

A quick port scan (purely in the interests of research!) shows that only port 80 is up for that address.

The 70.37.9.89 address is indeed registered to Microsoft Corp and DNSStuff reports the city as Temecula, California – is that where the data centre is I wonder?

We seem to be able to make arbitrary outbound HTTP connections like this:
(.OpenRead (new "System.Net.WebClient") "http://www.aws.net")
But not to the localhost
(.OpenRead (new "System.Net.WebClient") "http://127.0.0.1:80")
and not to other addresses on the local network
(.OpenRead (new "System.Net.WebClient") "http://10.113.121.85")
In both cases we get a
System.Net.WebException: Unable to connect to the remote server --->

System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions

The publc IP Address works fine
(.OpenRead (new "System.Net.WebClient") "http://70.37.9.89:80")
Can we access the registry ?
(reference "Microsoft.Win32") (.OpenSubKey ( Microsoft.Win32.Registry.LocalMachine) "HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0")

System.Security.SecurityException: Request for the permission of type ’System.Security.Permissions.RegistryPermission,

mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089’ failed.

Not at all suprising really!

Can we access the file system ?
(new "System.IO.DirectoryInfo" "c:\\")

System.Security.SecurityException: Request for the permission of type ’System.Security.Permissions.FileIOPermission,

mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089’ failed.

How about using System.Management ?
(reference "System.Management") (.get (new "System.Management.ManagementObjectSearcher" "SELECT * From Win32_LogicalDisk "))

System.Security.SecurityException: That assembly does not allow partially trusted callers.

So, as you would expect, some smart people have put an awful lot of thought into platform security and there don’t seem to be any chinks in the armour! Can anybody think of anything else that might reveal more info about the platform?

*The opinions expressed on this site are my own and do not necessarily represent those of Two10degrees or Active Web Solutions Ltd.

Copyright © 2012 Rob Blackwell. All rights reserved.
rob.blackwell@two10degrees.com
Last Updated 13 May 2012

Follow Rob on Twitter Find Rob on LinkedIn Subscribe to RSS Feed