On 06/02/2014 04:16 PM, David Saunders wrote: > GRid Security? > > Well there is a lacking of it. I been working on a ways to prevent > grids/Simulators to connect to our network. Its built around allowing > sims to authenticate with a configuration server that will open the > door for them to connect to the grid services. But I not found a list > of ports that need to open for clients to use, and been testing a > list simulator ports to splite the services from the client to a > public set of ports and the simulator a set of private port that can > be open when they connect.
Why not do it at the server side with a whitelist? If the requester is not on the list then they get no service. > > This would be easy if we did not allow trusted remote simulators to > connect. What would be the point of grid services is trusted sims could not connect? > > When I asked about security lasst I was given you keep the ports a > secret and only give them out to people you trust. You could have one server process/virtual machine that listens on the ports, does the whitelist and forwards legitimate requests to the actual services. Really this isn't an opensim question but a general securing services question. There are many different ways to do it including firewall, VPN, whitelist, load balancer, gating service and so on. - s _______________________________________________ Opensim-users mailing list [email protected] http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-users
