Some work has been done in this area.

There are connection limits (on a transport connector) and message
size limits on OpenWire.

There are currently no destination or producer/consumer number limits.
Flow control helps but in a very dynamic environment it is difficult
to get appropriate limits that won't negatively impact some
destinations over others.

Something like a wildcard subscription that drains queues is possible.

The authorization helps, but if you have authorisation you can cause havoc.

The place to address these issues is in a plugin and the key would be
identifying the threats that make sense to bundle together so that
there can be plugins that address scenarios.

Recently I added the option to disable durable subs for folks that
want to exclusively use virtual topics in a high-throughput env but
in the main, the core is not the place for these checks.

In a plugin you get an opportunity to track and put limits on all
aspects of the broker. It will take a bunch of iterations over
use cases to determine what set of limits make sense but a good start
point would be to be able to limit everything and to be able to
control composite and wildcard destinations with some sort of regular
expression or something.

Hope this helps ;-)



On 9 April 2015 at 12:01, xabhi <xabh...@gmail.com> wrote:
> Hi,
>
> I was thinking about ways in which I can cause a DOS attack on activemq and how to
> prevent it.
>
> I can bring the setup down by:
> 1. creating large number of connections - restrict based on connectionID?
> 2. large number of destinations
> 3. large number of subscriptions, consumers, producers, wildcard
> subscriptions etc - restrict wildcard subscription, limit no of
> consumer/producer?
> 4. Sending large number of persistent/non-persistent messages with huge
> sizes - limit msgsize that can be sent?
>
> I don't know how to implement each of them and would like to get the ActiveMQ
> community's thoughts on how to prevent these scenarios (either by hacking
> into/enriching activemq code - Plugins ?). What are other ways to create a
> DOS attack on activemq?
>
> I know ActiveMQ provides basic authentication/authorization
> (username/password) to restrict some of these cases like authorization
> policy for destinations based on user name, groups.
>
> What I am talking about is an unintentional DOS attack - where a legitimate
> application/client goes berserk due to a bug in code etc. and creates a large number
> of connections or does a wildcard subscription and starts receiving all
> messages etc.
>
> I would like to get thoughts on how to prevent each of the cases I pointed
> before.
>
> Thanks,
> Abhi
>
>
>
>
> --
> View this message in context: 
> http://activemq.2283324.n4.nabble.com/DOS-attack-on-activemq-setup-tp4694598.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
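
A sketch of the kind of limiting plugin the reply describes, as an added example that is not code from this thread or from the ActiveMQ project. It caps connections per user and admits wildcard or composite subscriptions only when the destination name matches a regular expression; the class name, the limit of 20 and the `app.<name>.*` naming scheme are assumptions.

```java
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;
import org.apache.activemq.broker.*;
import org.apache.activemq.broker.region.Subscription;
import org.apache.activemq.command.*;
/** Added example, not ActiveMQ project code; class name, limit and pattern are assumptions. */
public class BrokerLimitsPlugin implements BrokerPlugin {
    private final int maxConnectionsPerUser = 20;
    // Wildcard or composite subscriptions pass only if the whole name matches this pattern;
    // as written it admits app.<name>.* and app.<name>.> and rejects every composite name.
    private final Pattern allowedWildcards = Pattern.compile("app\\.[a-z0-9]+\\.(\\*|>)");
    private final ConcurrentHashMap<String, Integer> perUser = new ConcurrentHashMap<>();
    private final ConcurrentHashMap<ConnectionId, String> counted = new ConcurrentHashMap<>();
    @Override
    public Broker installPlugin(Broker next) {
        return new BrokerFilter(next) {
            @Override
            public void addConnection(ConnectionContext ctx, ConnectionInfo info) throws Exception {
                String user = String.valueOf(info.getUserName()); // "null" for anonymous clients
                int n = perUser.merge(user, 1, Integer::sum);
                counted.put(info.getConnectionId(), user);
                try {
                    if (n > maxConnectionsPerUser) throw new SecurityException("connection limit reached for " + user);
                    super.addConnection(ctx, info);
                } catch (Exception e) {
                    release(info); // a rejected or failed connect must not stay in the tally
                    throw e;
                }
            }
            @Override
            public void removeConnection(ConnectionContext ctx, ConnectionInfo info, Throwable error) throws Exception {
                release(info);
                super.removeConnection(ctx, info, error);
            }
            @Override
            public Subscription addConsumer(ConnectionContext ctx, ConsumerInfo info) throws Exception {
                ActiveMQDestination d = info.getDestination();
                if (d != null && (d.isPattern() || d.isComposite())
                        && !allowedWildcards.matcher(d.getPhysicalName()).matches()) {
                    throw new SecurityException("subscription not permitted: " + d.getPhysicalName());
                }
                return super.addConsumer(ctx, info);
            }
        };
    }
    private void release(ConnectionInfo info) {
        String user = counted.remove(info.getConnectionId());
        if (user != null) perUser.merge(user, -1, Integer::sum); // only connections counted above
    }
}
```

The same `BrokerFilter` hooks (`addProducer`, `addDestination`) can carry further limits; the plugin is registered in the broker's `<plugins>` list like any other `BrokerPlugin`.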
