river-dev mailing list archives

From "Zoltan Juhasz" <juh...@irt.vein.hu>
Subject RE: Towards Internet Jini Services (dos attacks)
Date Wed, 29 Sep 2010 13:05:36 GMT
Sim,

I think the important danger in Jini is the use of objects. In simple
messaging communication (especially if non-binary), you don't have to worry
about objects. In Jini, any method can take an object as a parameter, which
results in serialisation and unmarshalling at the receiver end. When an
object has something nasty executing within the readObject() method,
it's too late to do anything. We made experiments putting an infinite
loop into an object's default constructor (I think) and you got a 100% CPU
load at the service side before even knowing what the object was. We had the
solution to use certificates and only accept service invocations from
trusted parties, but this is very difficult to enforce over the Internet (or
you have to constrain the system to a specific task that is only used by a
closed group via the Internet).

Zoltan

=================================
Dr Zoltan Juhasz
Dept of Electrical Engineering and Information Systems
Pannon University (formerly University of Veszprem)
Veszprem, Hungary


> -----Original Message-----
> From: Sim IJskes - QCG [mailto:sim@qcg.nl] 
> Sent: 29 September 2010 10:50
> To: river-dev@incubator.apache.org
> Subject: Re: Towards Internet Jini Services (dos attacks)
> 
> On 29-09-10 10:26, Zoltan Juhasz wrote:
> 
> > and unmarshalling and object movements may help DoS attacks to
> > happen, etc, etc.
> 
> Could you explain the basic difference between RPC and 
> messaging within the context of DOS attacks?
> 
> The only difference I see right now, is that RPC mandates an 
> ordered relation between the request- and reply messages. 
> Does this theoretically create an extra opportunity for DOS attacks?
> 
> Gr. Sim
> 
> --
> QCG, Software voor het MKB, 071-5890970, http://www.qcg.nl 
> Quality Consultancy Group b.v., Leiderdorp, Kvk Den Haag: 28088397
> 
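The hazard Zoltan describes, code inside readObject() running before the receiver has decided anything about the incoming object, is exactly what the JDK's deserialization filter (ObjectInputFilter, Java 9 and later) is meant to cut off. The following is an added example, not River/Jini code: an allow-list filter consulted on the class name before any instance is created, so a class whose readObject() would spin is rejected instead of executed. SpinningPayload, Greeting and readTrusted are constructed names for this illustration.

```java
import java.io.*;
import java.util.Arrays;
import java.util.List;

// Constructed stand-in for the CPU-burning object described in the thread:
// its readObject() never returns.
class SpinningPayload implements Serializable {
    private static final long serialVersionUID = 1L;
    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
        in.defaultReadObject();
        while (true) { } // would run on the service side before anyone inspects the object
    }
}

// A harmless class the service actually expects to receive.
class Greeting implements Serializable {
    private static final long serialVersionUID = 1L;
    String text;
    Greeting(String text) { this.text = text; }
}

public class DeserializeWithFilter {
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(o); }
        return bos.toByteArray();
    }

    // Allow-list filter: the stream asks the filter about each class descriptor it reads,
    // before instantiating it, so a REJECTED verdict means readObject() is never invoked.
    static Object readTrusted(byte[] bytes, List<Class<?>> allowed) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(info -> {
                if (info.serialClass() == null) return ObjectInputFilter.Status.UNDECIDED; // size/depth checks
                return allowed.contains(info.serialClass()) ? ObjectInputFilter.Status.ALLOWED
                                                            : ObjectInputFilter.Status.REJECTED;
            });
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        List<Class<?>> allowed = Arrays.asList(Greeting.class, String.class); // expected types only
        Greeting g = (Greeting) readTrusted(serialize(new Greeting("hello")), allowed);
        System.out.println("accepted: " + g.text);
        try {
            readTrusted(serialize(new SpinningPayload()), allowed); // rejected, does not hang
        } catch (InvalidClassException e) {
            System.out.println("rejected before readObject() ran: " + e.getMessage());
        }
    }
}
```

The filter runs after the class has been resolved, so static initialisers of a rejected class still execute; combining the allow list with the filter's depth and size limits (info.depth(), info.streamBytes()) bounds the remaining work an untrusted stream can cause.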

