[mod_cluster-issues] [JBoss JIRA] (MODCLUSTER-417) Obfuscating jvmRoute as to hide topology

Jean-Frederic Clere (JIRA) issues at jboss.org
Wed Jun 18 02:28:24 EDT 2014


    [ https://issues.jboss.org/browse/MODCLUSTER-417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12977230#comment-12977230 ] 

Jean-Frederic Clere commented on MODCLUSTER-417:
------------------------------------------------

Obfuscating the JVMRoute is probably not enough to hide the topology of the cluster behind the proxy...
To hide the topology you need to replace the sessionid.jvmroute by something that looks random but translates into jsessionid.jvmroute in the mod_cluster logic.

But I don't think that the topology of the cluster is something usable by an attacker, as the nodes should be behind a firewall and the JVMRoute doesn't need to relate to the internal node name.

> Obfuscating jvmRoute as to hide topology
> ----------------------------------------
>
>                 Key: MODCLUSTER-417
>                 URL: https://issues.jboss.org/browse/MODCLUSTER-417
>             Project: mod_cluster
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Native (httpd modules)
>    Affects Versions: 1.3.0.Final, 1.2.9.Final
>            Reporter: Radoslav Husar
>            Assignee: Jean-Frederic Clere
>            Priority: Minor
>
> Feature request from https://github.com/jmcabrera
> Hello guys.
> First of all, this is a feature request and not a bug.
> I would like to "obfuscate" the jvmRoute so that an external attacker cannot "guess" the topology of my internal infrastructure.
> The "strong" way would be to have a symmetrical cipher with a configurable key.
> mod_cluster could then cipher the jsessionid before exposing it to the external world, and decipher it to recover the jvmRoute and properly redirect the request.
> But I guess that this would have very undesirable consequences on performance.
> The "weak" way would be just to obfuscate, i.e. let's say that the jsessionid is alea + '.' + jvmRoute. We could take a part of the alea to alter the jvmRoute in a reversible way (XORing for instance).
> Anyhow, the expected effect would be that the jvmroute would be externally different for each and every request.
> Unfortunately, I have close to no C skills, hence I cannot make this myself.
> (as a side note, coming from mod_jk, I'm quite impressed by the features mod_cluster offers! Thanks for the good work :) )
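As an added illustration of the two schemes sketched in the request (not code from mod_cluster or from either participant): the "weak" XOR-with-the-alea variant is reversible by anyone who sees the cookie, since the mask is carried in the cookie itself, while a keyed variant needs the proxy's secret to recover the jvmRoute and, with a per-request nonce, looks different on every response. The session id format `alea.jvmRoute`, the secret and the sample values are assumptions made for the example.

```python
import hmac
import hashlib
import secrets

# Constructed proxy-side secret (assumption for the example).
SECRET = b"constructed-demo-key"


def split_session_id(jsessionid):
    """Split '<alea>.<jvmRoute>'; the alea is assumed to contain no '.'."""
    alea, _, route = jsessionid.rpartition(".")
    return alea, route


def weak_obfuscate(jsessionid):
    """The 'weak' way: XOR the route with the first bytes of the alea."""
    alea, route = split_session_id(jsessionid)
    mask = alea.encode()[: len(route)]  # alea assumed at least as long as the route
    masked = bytes(a ^ b for a, b in zip(route.encode(), mask))
    return alea + "." + masked.hex()


def weak_recover(jsessionid):
    """No secret involved: anyone holding the cookie can undo the XOR."""
    alea, masked_hex = split_session_id(jsessionid)
    masked = bytes.fromhex(masked_hex)
    return bytes(a ^ b for a, b in zip(masked, alea.encode())).decode()


def strong_obfuscate(jsessionid, secret=SECRET, nonce=None):
    """The 'strong' way: keyed keystream (HMAC of nonce+alea) plus an integrity tag."""
    alea, route = split_session_id(jsessionid)
    nonce = nonce if nonce is not None else secrets.token_bytes(4)  # fresh per response
    stream = hmac.new(secret, nonce + alea.encode(), hashlib.sha256).digest()
    masked = bytes(a ^ b for a, b in zip(route.encode(), stream))  # route <= 32 bytes
    tag = hmac.new(secret, nonce + masked, hashlib.sha256).digest()[:8]
    return alea + "." + (nonce + masked + tag).hex()


def strong_recover(jsessionid, secret=SECRET):
    """Proxy side: verify the tag, then unmask; returns None on tampering."""
    alea, blob_hex = split_session_id(jsessionid)
    blob = bytes.fromhex(blob_hex)
    nonce, masked, tag = blob[:4], blob[4:-8], blob[-8:]
    expected = hmac.new(secret, nonce + masked, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, expected):
        return None
    stream = hmac.new(secret, nonce + alea.encode(), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(masked, stream)).decode()
```

A tampered or forged route fails the tag check and the proxy can fall back to its normal no-route handling instead of acting on attacker-chosen bytes.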


