[
https://issues.apache.org/jira/browse/AMQ-498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13288999#comment-13288999
]
Matthew Good commented on AMQ-498:
----------------------------------
Fyi, this change broke us. In the future you should try to make changes that
are backwards compatible. If they are not, they should be explicitly mentioned
in the release notes. In this case, how many people really need it? It could
have been that if the maxFrameSize is not explicitly set, then frame size
checking would be disabled - as before.
I will say, it is a great feature for those who have publicly exposed brokers.
Thanks!
> Secure the server from simple DoS attacks
> -----------------------------------------
>
> Key: AMQ-498
> URL: https://issues.apache.org/jira/browse/AMQ-498
> Project: ActiveMQ
> Issue Type: Improvement
> Components: Broker
> Environment: An untrusted network. DoS attack attempts are common.
> Reporter: Hiram Chirino
> Assignee: Hiram Chirino
> Fix For: 5.6.0
>
>
> Originating from http://forums.logicblaze.com/posts/list/205.page
> Simply start the 4.0 server (I used the stock config)
> in another window telnet to localhost 61616
> you will receieve:
> ActiveMQ^[[?1;2c
> type asdfasdf
> The connection will close by itself.
> All future TCP connections, either from telnet or from real JMS clients, will
> hang.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
