You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@cassandra.apache.org by Tim Dunphy <bl...@gmail.com> on 2013/09/08 03:55:48 UTC

w00tw00t.at.ISC.SANS.DFind not found

Hey all,

 I'm seeing this exception in my cassandra logs:

Exception during http request
mx4j.tools.adaptor.http.HttpException: file
mx4j/tools/adaptor/http/xsl/w00tw00t.at.ISC.SANS.DFind:) not found
        at
mx4j.tools.adaptor.http.XSLTProcessor.notFoundElement(XSLTProcessor.java:314)
        at
mx4j.tools.adaptor.http.HttpAdaptor.findUnknownElement(HttpAdaptor.java:800)
        at
mx4j.tools.adaptor.http.HttpAdaptor$HttpClient.run(HttpAdaptor.java:976)

Do I need to be concerned about the security of this server? How can I
correct/eliminate this error message? I've just upgraded to Cassandra 2.0
,and this is the first time I've seen this error.

Thanks!
Tim

-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

Re: w00tw00t.at.ISC.SANS.DFind not found

Posted by Tim Dunphy <bl...@gmail.com>.

Richard,

Good advice. Thank you! I'll work on tuning IP tables so that only my other Cassandra nodes can connect to mx4j. Good thing I caught this, I was just making sure JNA was working when I saw this!

Sent from my iPhone

On Sep 8, 2013, at 5:40 AM, Richard Low <ri...@wentnet.com> wrote:

> On 8 September 2013 02:55, Tim Dunphy <bl...@gmail.com> wrote:
>> Hey all,
>> 
>>  I'm seeing this exception in my cassandra logs:
>> 
>> Exception during http request
>> mx4j.tools.adaptor.http.HttpException: file mx4j/tools/adaptor/http/xsl/w00tw00t.at.ISC.SANS.DFind:) not found
>>         at mx4j.tools.adaptor.http.XSLTProcessor.notFoundElement(XSLTProcessor.java:314)
>>         at mx4j.tools.adaptor.http.HttpAdaptor.findUnknownElement(HttpAdaptor.java:800)
>>         at mx4j.tools.adaptor.http.HttpAdaptor$HttpClient.run(HttpAdaptor.java:976)
>> 
>> Do I need to be concerned about the security of this server? How can I correct/eliminate this error message? I've just upgraded to Cassandra 2.0 ,and this is the first time I've seen this error. 
> 
> There is a web vulnerability scanner that does "GET /w00tw00t.at.ISC.SANS.DFind:)" on anything it thinks is HTTP.  This probably means your mx4j port is open to the public which is a security issue.  This means anyone can e.g. delete all your data or stop your Cassandra nodes.  You should make sure that all your Cassandra ports (at least) are firewalled so only you and other nodes can connect.
> 
> Richard.

Re: C* 2.0 reduce_cache_sizes_at ?

Posted by Robert Coli <rc...@eventbrite.com>.

On Sun, Sep 8, 2013 at 4:00 AM, Andrew Cobley <a....@dundee.ac.uk>wrote:

> reduce_cache_sizes_at: 0
> reduce_cache_capacity_to: 0
>
 ...

> I'm assuming the blog must be talking about C* prior to version 2.0
> because these settings do not appear in 2.0's  .yaml file.
>
 ...

> Why where they removed and what's the alternative ?
>

https://issues.apache.org/jira/browse/CASSANDRA-3534
"
Seems like when these thresholds are reached we are trying to reduce the
keycache and Memtable sizes, but in the trunk memtable is moved off-heap
hence reducing that will not actually help.
"

https://git-wip-us.apache.org/repos/asf?p=cassandra.git;a=commit;h=e79d9fbf84a35021cafa21d428e08fdd9bee584e

They were removed because changes in the nature of the cache made them
mostly-useless. There is therefore no alternative.

=Rob

C* 2.0 reduce_cache_sizes_at ?

Posted by Andrew Cobley <a....@dundee.ac.uk>.

I'm following John Berryman's blog "Building the Perfect Cassandra Test Environment" concerning running C* in a very small amount of memory.  he recommends theses settings in cassandra.yaml

reduce_cache_sizes_at: 0
reduce_cache_capacity_to: 0

(Blog is at http://www.opensourceconnections.com/2013/08/31/building-the-perfect-cassandra-test-environment/)

I'm assuming the blog must be talking about C* prior to version 2.0 because these settings do not appear in 2.0's  .yaml file.

Why where they removed and what's the alternative ?

Andy

reduce_cache_sizes_at: 0 reduce_cache_capacity_to: 0 - See more at: http://www.opensourceconnections.com/2013/08/31/building-the-perfect-cassandra-test-environment/#sthash.T7wBs9Yv.dpuf

The University of Dundee is a registered Scottish Charity, No: SC015096

Re: w00tw00t.at.ISC.SANS.DFind not found

Posted by Richard Low <ri...@wentnet.com>.

On 8 September 2013 02:55, Tim Dunphy <bl...@gmail.com> wrote:

> Hey all,
>
>  I'm seeing this exception in my cassandra logs:
>
> Exception during http request
> mx4j.tools.adaptor.http.HttpException: file
> mx4j/tools/adaptor/http/xsl/w00tw00t.at.ISC.SANS.DFind:) not found
>         at
> mx4j.tools.adaptor.http.XSLTProcessor.notFoundElement(XSLTProcessor.java:314)
>         at
> mx4j.tools.adaptor.http.HttpAdaptor.findUnknownElement(HttpAdaptor.java:800)
>         at
> mx4j.tools.adaptor.http.HttpAdaptor$HttpClient.run(HttpAdaptor.java:976)
>
> Do I need to be concerned about the security of this server? How can I
> correct/eliminate this error message? I've just upgraded to Cassandra 2.0
> ,and this is the first time I've seen this error.
>

There is a web vulnerability scanner that does "GET
/w00tw00t.at.ISC.SANS.DFind:)" on anything it thinks is HTTP.  This
probably means your mx4j port is open to the public which is a security
issue.  This means anyone can e.g. delete all your data or stop your
Cassandra nodes.  You should make sure that all your Cassandra ports (at
least) are firewalled so only you and other nodes can connect.

Richard.