activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Tully <gary.tu...@gmail.com>
Subject Re: DOS attack on activemq setup
Date Thu, 09 Apr 2015 11:55:13 GMT
some work has been done in this area.

there are connection limits (on a transport connector) and message
size limits on openwire.

there are currently no destination or producer/consumer number limits.
Flow control helps but in a very dynamic environment it is difficult
to get appropriate limits that won't negatively impact some
destinations over others.

something like a wildcard subscription that drains queues is possible.

the authorization helps, but if you have authorisation you can cause havok.

The place to address this issues is in a plugin and the key would be
identifying the threats that make sense to bundle together so that
there can be plugins that address scenarios.

recently i added the option to disable durable subs for folks that
want to exclusively use virtual topics in a high through put env but
in the main, the core is not the place for these checks.

In a plugin you get an opportunity to track and put limits on all
aspects of the broker. It will take a bunch of iterations over
usecases to determine what set of limits make sense but a good start
point would be to be able to limit everything and to be able to
control composite and wildcard destinations with some sort of regular
expression or something.

hope this helps ;-)



On 9 April 2015 at 12:01, xabhi <xabhi91@gmail.com> wrote:
> Hi,
>
> I was thinking about ways in which I cause DOS attack on activemq and how to
> prevent it.
>
> I can bring the setup down by:
> 1. creating large number of connections - restrict based on connectionID?
> 2. large number of destinations
> 3. large number of subscriptions, consumers, producers, wildcard
> subscriptions etc - restrict wildcard subscription, limit no of
> consumer/producer?
> 4. Sending large number of persistent/non-persistent messages with huge
> sizes - limit msgsize that can be sent?
>
> I don't know how to implement each of them and would like to get ActiveMQ
> community's thought on how to prevent these scenarios (either by hacking
> into/enriching activemq code - Plugins ?). What are other ways to create a
> DOS attack on activemq?
>
> I know ActiveMQ provides basic authentication/authorization
> (username/password) to restrict some of these cases like authorization
> policy for destinations based on user name, groups.
>
> What I am talking about is an unintentional DOS attack- where an legitimate
> application/client goes berserk to bug in code etc. and creates large number
> of connections or does a wildcard subscription and start receiving all
> messages etc.
>
> I would like to get thought on how to prevent each of the cases I pointed
> before.
>
> Thanks,
> Abhi
>
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/DOS-attack-on-activemq-setup-tp4694598.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Mime
View raw message