Re: Executing a check before replication / manual replication

2017-11-17 Thread Abdelkrim Fitouri
en you > have different DCs. One DC would stay with rogue data, and the other one > would shutdown. > > > > *--* > > *Jacques-Henri Berthemet* > > > > *From:* Abdelkrim Fitouri [mailto:abdou@gmail.com] > *Sent:* jeudi 16 novembre 2017 22:33 > *T

RE: Executing a check before replication / manual replication

2017-11-17 Thread Jacques-Henri Berthemet
only work when you have different DCs. One DC would stay with rogue data, and the other one would shutdown. -- Jacques-Henri Berthemet From: Abdelkrim Fitouri [mailto:abdou@gmail.com] Sent: jeudi 16 novembre 2017 22:33 To: user@cassandra.apache.org Subject: Re: Executing a check before

Re: Executing a check before replication / manual replication

2017-11-16 Thread kurt greaves
That sounds like a great way to DoS yourself. While I'm sure it could be achieved, probably in a pretty messy way, I don't think it's a good idea and seems to me like way over the top security. Especially because sure, you might be able to protect against CQL "attacks" via triggers (ugh) - but if

Re: Executing a check before replication / manual replication

2017-11-16 Thread Abdelkrim Fitouri
ok please find bellow an example: Lets suppose that i have a cassandra cluster of 4 nodes / one DC / replication factor = 4, So in this architecture i have on full copy of the data on each node. Imagine now that one node have been hacked and in some way with full access to cqlsh session, if data

Re: Executing a check before replication / manual replication

2017-11-16 Thread Oliver Ruebenacker
Hello, If I understand the OP right, he wants an automated response one node displays suspicious activity. I suppose in that case, one would want the node to be removed from the cluster or shut down or both. Best, Oliver On Thu, Nov 16, 2017 at 3:40 PM, kurt greaves

Re: Executing a check before replication / manual replication

2017-11-16 Thread Jeff Jirsa
Yea there’s a whole lot of stuff here that doesn’t make sense I’m not sure what the threat model really is, but there’s a lot of moving pieces here, and the place you’re thinking about adding validation isn’t the first place I’d be concerned with (internode tends to be a bigger problem). Why

Re: Executing a check before replication / manual replication

2017-11-16 Thread kurt greaves
What's the purpose here? If they have access to cqlsh, they have access to every nodes data, not just the one they are on. An attacker modifying RF would be the least of your worries. If you manage to detect that some node is compromise you should isolate it immediately. On 16 Nov. 2017 07:33,

Re: Executing a check before replication / manual replication

2017-11-15 Thread Subroto Barua
turn on audit on tables in question, scan the audit logs (using tools like Splunk) and send alerts based on the activity... On Wednesday, November 15, 2017, 12:33:30 PM PST, Abdelkrim Fitouri wrote: Hi, I know that cassandra handel properly data replication

Executing a check before replication / manual replication

2017-11-15 Thread Abdelkrim Fitouri
Hi, I know that cassandra handel properly data replication between cluster nodes, but for some security reasons I am wonderning how to avoid data replication after a server node have been compromised and someone is executing modification via cqlsh ? is there a posibility on Cassandra to execute