[erlang-questions] Is epmd secure ? (SSL distribution)
Michael McDaniel
erlangX@REDACTED
Wed Oct 11 08:13:48 CEST 2006
googling for ...
distributed erlang firewall
provides this thread ...
http://www.erlang.org/ml-archive/erlang-questions/200605/msg00336.html
~M
On Mon, Oct 09, 2006 at 07:45:14PM +0200, igwan wrote:
> Hello,
>
> I have to connect a number of nodes through the internet. I configured
> the SSL distribution mechanism but still have some questions about security.
>
> - Is the epmd deamon vulnerable ? I noticed that running it in debug
> mode (epmd -d) on the console, it receives requests from starting nodes
> (even SSL) via IP (am I right ?). Can a attacker send multiple register
> requests or resolve request and take the server down this way ? Is the
> protocol used by epmd secure when running a SSL node ?
>
> - Is it possible to set the listen port used by a SSL node in any way ?
> Reading through the doc, I tried "-ssl_dist_opt proxylsport 51300" and
> "-ssl_dist_opt port 51300" to no avail, I see the epmd trace still show
> a random port being registered.
>
> I have thought of bypassing the epmd thing, and do its work giving a
> static configuration, like
> [{sslnode1@REDACTED, 51300},
> {sslnode2@REDACTED, 51301},
> {sslnode3@REDACTED, 51300},
> ...]
> on each node, but is that possible to configure such things ?
>
> Sorry if the questions already have been asked, I didn't find anything
> related.
>
> Thanks for your help,
>
> igwan
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions
--
Michael McDaniel
Portland, Oregon, USA
http://autosys.us
+1 503 283 5284
More information about the erlang-questions
mailing list