activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xabhi <>
Subject DOS attack on activemq setup
Date Thu, 09 Apr 2015 11:01:54 GMT

I was thinking about ways in which I cause DOS attack on activemq and how to
prevent it.

I can bring the setup down by:
1. creating large number of connections - restrict based on connectionID?
2. large number of destinations
3. large number of subscriptions, consumers, producers, wildcard
subscriptions etc - restrict wildcard subscription, limit no of
4. Sending large number of persistent/non-persistent messages with huge
sizes - limit msgsize that can be sent?

I don't know how to implement each of them and would like to get ActiveMQ
community's thought on how to prevent these scenarios (either by hacking
into/enriching activemq code - Plugins ?). What are other ways to create a
DOS attack on activemq?

I know ActiveMQ provides basic authentication/authorization
(username/password) to restrict some of these cases like authorization
policy for destinations based on user name, groups.

What I am talking about is an unintentional DOS attack- where an legitimate
application/client goes berserk to bug in code etc. and creates large number
of connections or does a wildcard subscription and start receiving all
messages etc.

I would like to get thought on how to prevent each of the cases I pointed


View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message