cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Jirsa <>
Subject Re: Executing a check before replication / manual replication
Date Thu, 16 Nov 2017 20:58:50 GMT
Yea there’s a whole lot of stuff here that doesn’t make sense

I’m not sure what the threat model really is, but there’s a lot of moving pieces here,
and the place you’re thinking about adding validation isn’t the first place I’d be concerned
with (internode tends to be a bigger problem).

Why do you think a compromised server will try to send data elsewhere?

Where is it going to send it?

Jeff Jirsa

> On Nov 16, 2017, at 12:40 PM, kurt greaves <> wrote:
> What's the purpose here? If they have access to cqlsh, they have access to every nodes
data, not just the one they are on. An attacker modifying RF would be the least of your worries.
If you manage to detect that some node is compromise you should isolate it immediately.
> On 16 Nov. 2017 07:33, "Abdelkrim Fitouri" <> wrote:
> Hi,
> I know that cassandra handel properly data replication between cluster nodes, but for
some security reasons I am wonderning how to avoid data replication after a server node have
been compromised and someone is executing modification via cqlsh ?
> is there a posibility on Cassandra to execute a custom check / Hook  before replication
> is there a posibilty to execute a manual replication between node ?
> -- 
> Best Regards.
> Abdelkarim FITOURI
> System And Security Engineer

View raw message