You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by "Hiram Chirino (JIRA)" <ji...@apache.org> on 2009/09/11 23:52:15 UTC
[jira] Reopened: (AMQ-498) Secure the server from simple DoS
attacks
[ https://issues.apache.org/activemq/browse/AMQ-498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hiram Chirino reopened AMQ-498:
-------------------------------
No this has not been fixed. To properly fix this the openwire protocol needs to be updated to do limit checks on the data it serializes.
> Secure the server from simple DoS attacks
> -----------------------------------------
>
> Key: AMQ-498
> URL: https://issues.apache.org/activemq/browse/AMQ-498
> Project: ActiveMQ
> Issue Type: Improvement
> Components: Broker
> Environment: An untrusted network. DoS attack attempts are common.
> Reporter: Hiram Chirino
> Fix For: 5.3.0
>
>
> Originating from http://forums.logicblaze.com/posts/list/205.page
> Simply start the 4.0 server (I used the stock config)
> in another window telnet to localhost 61616
> you will receieve:
> ActiveMQ^[[?1;2c
> type asdfasdf
> The connection will close by itself.
> All future TCP connections, either from telnet or from real JMS clients, will hang.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.