Hello,
If I understand the OP right, he wants an automated response one node
displays suspicious activity.
I suppose in that case, one would want the node to be removed from the
cluster or shut down or both.
Best, Oliver
On Thu, Nov 16, 2017 at 3:40 PM, kurt greaves <k...@instaclustr.com> wrote:
> What's the purpose here? If they have access to cqlsh, they have access to
> every nodes data, not just the one they are on. An attacker modifying RF
> would be the least of your worries. If you manage to detect that some node
> is compromise you should isolate it immediately.
>
>
> On 16 Nov. 2017 07:33, "Abdelkrim Fitouri" <abdou....@gmail.com> wrote:
>
> Hi,
>
> I know that cassandra handel properly data replication between cluster
> nodes, but for some security reasons I am wonderning how to avoid data
> replication after a server node have been compromised and someone is
> executing modification via cqlsh ?
>
> is there a posibility on Cassandra to execute a custom check / Hook
> before replication ?
>
> is there a posibilty to execute a manual replication between node ?
>
>>
>
>
> --
>
> Best Regards.
>
> *Abdelkarim FITOURI*
>
> System And Security Engineer
>
>
>
>
--
Oliver Ruebenacker
Senior Software Engineer, Diabetes Portal
<http://www.type2diabetesgenetics.org/>, Broad Institute
<http://www.broadinstitute.org/>
