
Re: Strange security issue with Origin Install

+++ s madathilthattantav accenture com [19/02/14 16:22 +0000]:

Some more information I could get from logs that again reiterates the fact
that there is some configuration that needs to be revised.


"Broker instance is operating as an open recursive DNS resolver.  When a DNS
server is set up to allow recursive name resolution publicly, it is
considered an open recursive DNS resolver.  Open recursive DNS resolvers are
susceptible to abuse by third parties and may contribute to
Denial-of-Service (DoS) activity against ***********************
You can prevent your DNS resolver from being abused by third-parties by 1)
keeping the DNS server software up to date, 2) verifying the DNS server's
settings don't allow public recursive resolving, and 3) making sure only
approved people can access the DNS server (for example, by limiting access
with your security groups)."

Any pointers on corrective action for this?

Do you have 'recursion yes;' in /etc/named.conf?

I believe you'll want to switch that to 'no' for a public DNS server.


-----Original Message-----
From: N. Harrison Ripps [mailto:hripps redhat com]
Sent: Wednesday, February 19, 2014 7:39 PM
To: Madathilthattantav, S.
Cc: dev lists openshift redhat com
Subject: Re: Strange security issue with Origin Install

Hey Shabna--
I'm adding the dev list because I know others have encountered security
issues when deploying Origin on AWS. Has anyone else run into this?

On Feb 18, 2014, at 23:50, <s madathilthattantav accenture com>
<s madathilthattantav accenture com> wrote:

I have set up an OpenShift Origin V3 installation in an AWS EC2
instance (Fedora 19) using oo-install.

Configuration:
Broker + Broker support services in one instance
Node in another instance

The installation looks good and I am able to deploy applications and work
with it.

Strangely, I am getting a security incident on the Broker instance saying
that it's been operating an open proxy and the environment is compromised, etc.,
and I had to shut down this instance.

More Information:
I have created the security groups by referring to this blog :
Also, some additional steps required for getting the installation working were:

1. Modify iptables to enable the udp port
2. Since EC2 images are configured to only allow root logins with a
   key, the Node instance sshd config was modified to set PermitRootLogin and
   PasswordAuthentication to yes.
3. On the Node host, had to modify the IP address of Broker and Node to
   point to the public IP addresses of the Broker and Node hosts.
4. On the Node host, modify the MCollective configuration to point to
   the IP address of the Broker instead of the hostname.
5. Restart the services that were not running

All the other steps were more or less done by oo-install. As I
understand, some installation configuration needs to be reviewed or modified.
Any pointers will be greatly appreciated.
I am not able to use the Origin installation due to this security issue.

dev mailing list
dev lists openshift redhat com
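
An added example, not part of the original thread or of oo-install: a small Python audit for the `recursion` question raised in the reply above. It follows BIND 9's documented fallback (allow-recursion, then allow-query-cache, then allow-query, then the `localnets; localhost;` default), which is why `recursion yes;` combined with `allow-query { any; };` yields an open resolver; the sample configs and the 10.0.0.5 node address are constructed.

```python
import re

OPEN_ACLS = {"any", "0.0.0.0/0", "::/0"}  # ACL elements that match every client

def options_body(conf):
    """Body of the top-level options { ... } statement, comments removed."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    conf = re.sub(r"(//|#).*", "", conf)
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return conf[m.end():]

def acl(body, name):
    """Elements of an address-match list such as allow-query, or None if unset."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^}]*)\}", body)
    return None if m is None else {e.strip() for e in m.group(1).split(";") if e.strip()}

def audit(conf):
    """Return (verdict, reason); verdict is 'open' or 'ok'.
    Views, include files and named acl statements are not followed."""
    body = options_body(conf)
    m = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", body)
    if m and m.group(1) == "no":
        return ("ok", "recursion disabled")
    # BIND fallback: allow-recursion, else allow-query-cache, else allow-query.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        entries = acl(body, name)
        if entries is not None:
            verdict = "open" if entries & OPEN_ACLS else "ok"
            return (verdict, "recursion governed by " + name)
    return ("ok", "default ACL (localnets; localhost;) applies")

# Constructed samples, not taken from the thread.
OPEN = "options { listen-on port 53 { any; }; allow-query { any; }; recursion yes; };"
AUTH_ONLY = "options { allow-query { any; }; recursion no; };"
NODE_ONLY = """options {
    allow-query { any; };                     // zones stay publicly answerable
    allow-recursion { localhost; 10.0.0.5; }; // 10.0.0.5: hypothetical node host
    recursion yes;
};"""

if __name__ == "__main__":
    for label, conf in (("open", OPEN), ("auth-only", AUTH_ONLY), ("node-only", NODE_ONLY)):
        print(label, audit(conf))
```

Feeding it the output of `named-checkconf -p` rather than the raw file lets it see options pulled in through include statements.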
