[zeromq-dev] security model recommendation

chrish at techspecs.com chrish at techspecs.com
Thu Sep 8 01:41:00 CEST 2011


Hi,

   Suppose 0mq is used in a commercial product and is released and is used
by the community. Now, a hacker discovers that 0mq is being used and
tries to get inside by imitating the protocol somehow. How to discover
this (besides segfault)? Or worse still, the hacker simply wants to
bring down the server and sends an empty string across REP/REQ or
something like that. I realize iptables can be used to prevent
unauthorized IP addresses from accessing a server but what about IP
address that are initially authorized but turn out to be rogue by
persons lacking social etiquette?

Best,
  Chris





More information about the zeromq-dev mailing list