[erlang-questions] Is epmd secure ? (SSL distribution)
igwan
igwan@REDACTED
Mon Oct 9 19:45:14 CEST 2006
Hello,
I have to connect a number of nodes through the internet. I configured
the SSL distribution mechanism but still have some questions about security.
- Is the epmd deamon vulnerable ? I noticed that running it in debug
mode (epmd -d) on the console, it receives requests from starting nodes
(even SSL) via IP (am I right ?). Can a attacker send multiple register
requests or resolve request and take the server down this way ? Is the
protocol used by epmd secure when running a SSL node ?
- Is it possible to set the listen port used by a SSL node in any way ?
Reading through the doc, I tried "-ssl_dist_opt proxylsport 51300" and
"-ssl_dist_opt port 51300" to no avail, I see the epmd trace still show
a random port being registered.
I have thought of bypassing the epmd thing, and do its work giving a
static configuration, like
[{sslnode1@REDACTED, 51300},
{sslnode2@REDACTED, 51301},
{sslnode3@REDACTED, 51300},
...]
on each node, but is that possible to configure such things ?
Sorry if the questions already have been asked, I didn't find anything
related.
Thanks for your help,
igwan
More information about the erlang-questions
mailing list