Posted to dev@activemq.apache.org by "Dejan Bosanac (JIRA)" <ji...@apache.org> on 2011/06/09 18:33:59 UTC
[jira] [Resolved] (AMQ-498) Secure the server from simple DoS attacks
[ https://issues.apache.org/jira/browse/AMQ-498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dejan Bosanac resolved AMQ-498.
-------------------------------
Resolution: Fixed
Fix Version/s: 5.6.0 (was: 6.0.0)
I added maxFrameSize to the OpenWireFormat with default size of 100MB.
The size will be checked before message unmarshalling (if size prefix is used) and before reading the content in non-blocking case. This should suffice to protect the broker from DoS attacks.
I can imagine a few more variants that we should protect from, but we can deal with them in separate issues.
> Secure the server from simple DoS attacks
> -----------------------------------------
>
> Key: AMQ-498
> URL: https://issues.apache.org/jira/browse/AMQ-498
> Project: ActiveMQ
> Issue Type: Improvement
> Components: Broker
> Environment: An untrusted network. DoS attack attempts are common.
> Reporter: Hiram Chirino
> Assignee: Hiram Chirino
> Fix For: 5.6.0
>
>
> Originating from http://forums.logicblaze.com/posts/list/205.page
> Simply start the 4.0 server (I used the stock config)
> in another window telnet to localhost 61616
> you will receive:
> ActiveMQ^[[?1;2c
> type asdfasdf
> The connection will close by itself.
> All future TCP connections, either from telnet or from real JMS clients, will hang.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
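
The kind of check the resolution comment describes, as an added example that is not ActiveMQ's code: a reader for length-prefixed frames that validates the declared size against a limit before allocating or reading the payload. The class and method names and the 4-byte big-endian prefix are assumptions made for this illustration; the 100 MB default is the value given in the comment.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

// Added illustration, not ActiveMQ source. All names here are hypothetical.
public class FrameSizeCheck {
    // 100 MB default, as stated in the resolution comment.
    static final long DEFAULT_MAX_FRAME_SIZE = 100L * 1024 * 1024;

    // Reads one frame: a 4-byte big-endian length, then that many payload bytes.
    static byte[] readFrame(DataInputStream in, long maxFrameSize) throws IOException {
        int size = in.readInt();
        // Validate the declared size before allocating or reading anything.
        // A negative value or one above the limit is rejected outright, so an
        // untrusted peer cannot make the reader allocate an arbitrary buffer.
        if (size < 0 || size > maxFrameSize) {
            throw new IOException("Frame size " + size + " outside 0.." + maxFrameSize);
        }
        byte[] payload = new byte[size];
        in.readFully(payload); // EOFException if the peer sends less than it declared
        return payload;
    }

    public static void main(String[] args) throws IOException {
        // Constructed input 1: a well-formed frame with a 5-byte payload.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        out.writeInt(5);
        out.writeBytes("hello");
        byte[] frame = readFrame(
                new DataInputStream(new ByteArrayInputStream(buf.toByteArray())),
                DEFAULT_MAX_FRAME_SIZE);
        System.out.println("accepted frame of " + frame.length + " bytes");

        // Constructed input 2: the text typed in the report, as raw bytes.
        // Read as a length, its first four bytes are 0x61736466 (about 1.6 GB),
        // which is above the limit, so no buffer is allocated for it.
        byte[] junk = "asdfasdf".getBytes(StandardCharsets.US_ASCII);
        try {
            readFrame(new DataInputStream(new ByteArrayInputStream(junk)),
                    DEFAULT_MAX_FRAME_SIZE);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```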