Hello, If I understand the OP right, he wants an automated response one node displays suspicious activity.
I suppose in that case, one would want the node to be removed from the cluster or shut down or both. Best, Oliver On Thu, Nov 16, 2017 at 3:40 PM, kurt greaves <k...@instaclustr.com> wrote: > What's the purpose here? If they have access to cqlsh, they have access to > every nodes data, not just the one they are on. An attacker modifying RF > would be the least of your worries. If you manage to detect that some node > is compromise you should isolate it immediately. > > > On 16 Nov. 2017 07:33, "Abdelkrim Fitouri" <abdou....@gmail.com> wrote: > > Hi, > > I know that cassandra handel properly data replication between cluster > nodes, but for some security reasons I am wonderning how to avoid data > replication after a server node have been compromised and someone is > executing modification via cqlsh ? > > is there a posibility on Cassandra to execute a custom check / Hook > before replication ? > > is there a posibilty to execute a manual replication between node ? > >> > > > -- > > Best Regards. > > *Abdelkarim FITOURI* > > System And Security Engineer > > > > -- Oliver Ruebenacker Senior Software Engineer, Diabetes Portal <http://www.type2diabetesgenetics.org/>, Broad Institute <http://www.broadinstitute.org/>