DOS attack on activemq setup


Re: DOS attack on activemq setup

xabhi
Hi gary,

In this reply http://activemq.2283324.n4.nabble.com/DOS-attack-on-activemq-setup-tp4694598p4694602.html you mentioned controlling composite destinations. What kind of problems can be caused using composite destinations from the client side? I have never used them and it's unclear to me in what way they can be abused to disrupt broker service.





Re: DOS attack on activemq setup

gtully
I am thinking of a consumer that subscribes to a wildcard that will
match all destinations, the mqtt support has made that possible.
It is easy to consume all messages. Or subscribe to a composite with
all dests in there. It could make sense to deny composites or multi
matching wildcards if they won't be used by an app. Auth will help
here in any event.

On 14 April 2015 at 15:17, xabhi <[hidden email]> wrote:

> Hi gary,
>
> In this reply
> http://activemq.2283324.n4.nabble.com/DOS-attack-on-activemq-setup-tp4694598p4694602.html
> you mentioned controlling composite destinations. What kind of
> problems can be caused using composite destinations from the client side? I have
> never used them and it's unclear to me in what way they can be abused to disrupt
> broker service.

Re: DOS attack on activemq setup

xabhi
Hi gary,
I am having some difficulties/concerns in implementing some of the ideas:

1. Restricting composite destinations for producer and consumer:
>I tried adding destination.isComposite() checks in addProducer and addConsumer by extending BrokerPluginSupport. The problem I am facing now is that it is restricting addition of a consumer on a composite destination "ActiveMQ.Advisory.TempQueue,ActiveMQ.Advisory.TempTopic" which is added for every producer and consumer connecting to the broker, and hence no producer/consumer can connect if I use this strategy.
What would be another good way to achieve this?

Another concern is that I also have dynamic producers which can send messages on a composite destination at runtime. I am thinking of restricting this in the send call itself. Is it a good place to do this check?

2. Restricting size of messages sent to ActiveMQ:
>I am using wireFormat.maxFrameSize to limit the size. But it works only for clients using OpenWire. I have perl/python/php clients using the STOMP protocol. How do I achieve this? Do I have to make changes in client libraries? Or is there some other configuration?

3. Restricting total topics and queues count:
>I am trying to implement this in the addDestination function. I am checking the existence of the destination being added in getBrokerService().getRegionBroker().getDestinationMap() and if it's new then I check the count using getBrokerService().getAdminView(). Is it good to expose DestinationMap in a plugin like this? Though I am not changing anything here, just a contains check.
In my opinion it would make more sense if this was provided as a configuration in the broker itself. I have logged https://issues.apache.org/jira/browse/AMQ-5751 for this.

Let me know your thoughts on this.

Thanks,
Abhi
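
An added example, not part of the original thread and not ActiveMQ project code: one way to write the composite/wildcard check from point 1 so that the broker's own advisory subscriptions (such as "ActiveMQ.Advisory.TempQueue,ActiveMQ.Advisory.TempTopic") still pass, with the same check applied in send for dynamic producers. It assumes the ActiveMQ 5.x broker API on the classpath; the class name `DenyCompositePlugin` and the `check` helper are hypothetical.

```java
import org.apache.activemq.advisory.AdvisorySupport;
import org.apache.activemq.broker.Broker;
import org.apache.activemq.broker.BrokerFilter;
import org.apache.activemq.broker.BrokerPlugin;
import org.apache.activemq.broker.ConnectionContext;
import org.apache.activemq.broker.ProducerBrokerExchange;
import org.apache.activemq.broker.region.Subscription;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.command.ConsumerInfo;
import org.apache.activemq.command.Message;
import org.apache.activemq.command.ProducerInfo;

// Hypothetical plugin: the class name is an assumption, not part of ActiveMQ.
public class DenyCompositePlugin implements BrokerPlugin {
    @Override
    public Broker installPlugin(Broker next) {
        return new BrokerFilter(next) {
            @Override
            public Subscription addConsumer(ConnectionContext ctx, ConsumerInfo info) throws Exception {
                check(info.getDestination(), true);
                return super.addConsumer(ctx, info);
            }
            @Override
            public void addProducer(ConnectionContext ctx, ProducerInfo info) throws Exception {
                check(info.getDestination(), false); // null for dynamic (anonymous) producers
                super.addProducer(ctx, info);
            }
            @Override
            public void send(ProducerBrokerExchange exchange, Message message) throws Exception {
                check(message.getDestination(), false); // covers dynamic producers at send time
                super.send(exchange, message);
            }
        };
    }

    // Rejects composite destinations, and wildcard subscriptions for consumers.
    static void check(ActiveMQDestination dest, boolean consumer) {
        if (dest == null) return;
        // True only if every member of a composite is an advisory topic,
        // so the client-library advisory consumers are not blocked.
        if (AdvisorySupport.isAdvisoryTopic(dest)) return;
        if (dest.isComposite()) {
            throw new SecurityException("Composite destination not allowed: " + dest);
        }
        String name = dest.getPhysicalName();
        if (consumer && (name.contains(">") || name.contains("*"))) {
            throw new SecurityException("Wildcard subscription not allowed: " + dest);
        }
    }
}
```

The advisory exemption also lets wildcard subscriptions on advisory topics through, so access to advisory topics still has to be limited by the broker's authorization configuration.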

Re: DOS attack on activemq setup

xabhi
Humble ping to get some help in completing this effort.

Another thing: the AMQP protocol doesn't respect either of the configurations for message size, transport.maxDataLength and wireFormat.maxFrameSize.

Thanks,
Abhi