[Opensim-users] Grid Security

Joshua Rubeck jrubeck1989 at gmail.com
Mon Oct 8 08:01:55 UTC 2012


Thanks for the info, guys, that was very helpful. One of the other things we
were having issues with is the MaxPrims setting in the region INI files.
Clearly this setting is available; however, it does not appear to work. I am
sure on my grids this is not an issue; after all, OpenSimulator is usually
used to eliminate many of the restrictions SL has. However, for us we are
trying to follow the same style of region and prim counts as SL for the
sole reason that it appears to be more cost effective in terms of
resources. I mean we can have more regions on Server A if each region is
limited to 15k prims, whereas Server B can only host a few safely without
those limitations. Any idea how to make sure the software enforces the max
prim limitations?

On Sun, Oct 7, 2012 at 10:12 PM, Tom Haines <hainest at gmail.com> wrote:

> Blocking port 8003 on the firewall to block unauthorized regions doesn't
> work if you have an external organization that hosts a region server that
> connects to your grid and has OpenSim users both NATing to the same IP
> address. And situations like this tend to pop up for political, and not
> technical reasons, which means there is little recourse for the grid
> operator.
>
> I've considered SSH tunneling for the 8003 connection, but have not had a
> chance to experiment.
>
> And to confirm, there is no communication directly between viewer and SQL
> server. The database will, and should be run unexposed to the end user.
>
>
> On Sunday, October 7, 2012, wrote:
>
>> Further to this, I understand there should be no reason for a normal viewer
>> to talk directly to the SQL server. It is all done via the simulator.
>>
>> As such it would be feasible to set your SQL server to only allow your
>> OpenSim users to authenticate from servers you run (usually by IP or
>> FQDN). There should always be a focus on security but I would imagine all
>> these factors would make it at least very difficult for someone to
>> casually connect a simulator to your grid even without additional
>> authentication in OpenSim.
>>
>>
>>
>> > unless there have been profound recent changes in the OS services
>> > connectors structure that i've failed to notice (which is QUITE
>> > possible), all end-user accessibility is handled by port 8002 and the
>> > rest (connection services) is governed by port 8003 (in a standard
>> > ROBUST based grid setup).  therefore, placing :8003 behind your firewall
>> > (thus preventing 'unauthorized' outside users from attaching to your
>> > grid services) should not interfere with public/open access via viewers
>> > on :8002 which would remain outside the firewall.  afaik, this is the
>> > only reliable and in my experience completely effective solution to the
>> > problem.
>> >
>> > i also believe the security key function was removed by consensus as it
>> > didn't provide any hardcore security.
>> >
>> > hope this helps and is remotely correct in its technical assumptions -
>> > or at least follows the path your concerns and argument were headed...
>> >
>> > - core
>> >
>> > On 10/7/2012 11:50 AM, Tom Haines wrote:
>> >> I disagree that this should not be considered a concern. Under this
>> >> security model, anyone with the information to connect to the grid as
>> >> a user has enough information to connect a region to the grid.
>> >>
>> >> I am concerned with this as an operator of an educational grid. We
>> >> offer our services to students and educators with the understanding
>> >> that we can limit the objectionable content they would be exposed to
>> >> in SL or other public OpenSim grids. Obviously if anyone can connect
>> >> their own regions without authorization from the grid operators, our
>> >> ability to offer this service is compromised.
>> >>
>> >> I know there were pass keys used in the past to authenticate regions,
>> >> but I believe this functionality has been removed. I haven't seen
>> >> anything on the website regarding this. I've read before that
>> >> firewalls are the best defense, but this is untenable, since our usage
>> >> requirements demand controlled access by region operators, but open
>> >> access to end users from heterogeneous network environments.
>> >>
>> >> Could someone weigh in with the official line on this?
>> >>
>> >> On Sunday, October 7, 2012, Fleep Tuque wrote:
>> >>
>> >>     Hi Josh,
>> >>
>> >>     As far as I know, in order to connect a region to your grid,
>> >>     someone would need to know all the connection details and unless
>> >>     you provide that information, I'm not sure how anyone would know
>> >>     how to or be able to connect to your grid.  FleepGrid has been
>> >>     running for nearly 2 years and I've never seen any attempts to
>> >>     connect a rogue region as far as I know, so I'm not sure it's much
>> >>     of a concern.
>> >>
>> >>     I'll let someone with more knowledge of the possible configuration
>> >>     options address any .ini settings that you might be able to use to
>> >>     disable region connections, but if this is a security issue or
>> >>     problem, it's the first I've heard of it.
>> >>
>> >>     Sincerely,
>> >>
>> >>     - Chris/Fleep
>> >>
>> >>     Chris M. Collins (SL/OS: Fleep Tuque)
>> >>     Center for Simulations & Virtual Environments Research (UCSIM)
>> >>     UCIT Instructional & Research Computing
>> >>     University of Cincinnati
>> >>     406A Zimmer Hall
>> >>     315 College Drive
>> >>     PO BOX 210088
>> >>     Cincinnati, OH 45221-0088
>> >>     chris.collins at uc.edu
>> >>     (513) 556-3018
>> >>
>> >>     http://ucsim.uc.edu
>> >>
>> >>     On Sun, Oct 7, 2012 at 9:52 AM, Joshua Rubeck
>> >>     <jrubeck1989 at gmail.com> wrote:
>> >>
>> >>         Okay, so here is a question for everyone. A few others and I
>> >>         are setting up a grid for public use, but we do not
>> >>         want other people to be able to connect their regions on a
>> >>         home based computer to our grid. One of my friends remembers
>> >>         that there used to be a setting that would prevent an
>> >>         opensimulator instance from connecting to robust without
>> >>         authentication but I cannot find that in the configuration
>> >>         files. Is there a configuration that allows us to run a public
>> >>         grid without other people being able to connect their regions
>> >>         to our grid?
>> >>         _______________________________________________
>> >>         Opensim-users mailing list
>> >>         Opensim-users at lists.berlios.de
>> >>         https://lists.berlios.de/mailman/listinfo/opensim-users
>> >>
>> >
>>
>
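The thread's practical advice comes down to two host-based controls: keep ROBUST's end-user port (8002 in the standard layout core describes) open, firewall the services port (8003) so only simulator hosts the operator runs can reach it, and let the database accept the OpenSim account only from those same hosts. The script below is an added example, not code from the OpenSimulator project or from anyone in this thread; it prints reviewable iptables rules and MySQL/MariaDB grant statements rather than applying them. The simulator host addresses, database name, account name and password placeholder are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not OpenSimulator project code). Emits the firewall rules and
# database grants that restrict ROBUST's services port and the SQL server to
# simulator hosts the grid operator controls. Nothing here is applied directly;
# review the output, then feed it to root / the database admin client.

ROBUST_PUBLIC_PORT=8002     # end-user (viewer) port, per the thread
ROBUST_PRIVATE_PORT=8003    # region/services port, per the thread
SIM_HOSTS="203.0.113.10 203.0.113.11"   # constructed: the simulator hosts you run
DB_NAME=opensim                         # assumed database name
DB_USER=opensim                         # assumed database account
DB_PASS=${DB_PASS:-change-me}           # placeholder; set DB_PASS in the environment

# Print iptables rules without applying them. Order matters with -A (append):
# check with `iptables -S INPUT` that no earlier blanket ACCEPT precedes these.
robust_firewall_rules() {
    # A simulator co-located with ROBUST reaches 8003 over loopback.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    # Viewers from any network may reach the public port.
    echo "iptables -A INPUT -p tcp --dport $ROBUST_PUBLIC_PORT -j ACCEPT"
    # Only the listed simulator hosts may reach the services port.
    for h in $SIM_HOSTS; do
        echo "iptables -A INPUT -p tcp -s $h --dport $ROBUST_PRIVATE_PORT -j ACCEPT"
    done
    # Everyone else is dropped on 8003, whatever the chain's default policy is.
    echo "iptables -A INPUT -p tcp --dport $ROBUST_PRIVATE_PORT -j DROP"
}

# Print SQL that creates the OpenSim account only for the simulator hosts
# (MySQL 5.7+/MariaDB syntax), so no other source address can log in.
robust_db_grants() {
    for h in $SIM_HOSTS; do
        echo "CREATE USER IF NOT EXISTS '$DB_USER'@'$h' IDENTIFIED BY '$DB_PASS';"
        echo "GRANT ALL PRIVILEGES ON \`$DB_NAME\`.* TO '$DB_USER'@'$h';"
    done
    echo "FLUSH PRIVILEGES;"
}

# Evaluate the intended policy for one (source address, port) pair so the rule
# set can be sanity-checked before it touches a live firewall.
# Prints ACCEPT, DROP, or DEFAULT (port not covered; chain policy decides).
robust_policy_check() {
    src=$1
    port=$2
    if [ "$port" = "$ROBUST_PUBLIC_PORT" ]; then
        echo ACCEPT
        return 0
    fi
    if [ "$port" = "$ROBUST_PRIVATE_PORT" ]; then
        for h in $SIM_HOSTS; do
            if [ "$h" = "$src" ]; then
                echo ACCEPT
                return 0
            fi
        done
        echo DROP
        return 0
    fi
    echo DEFAULT
}

# Usage:  sh robust_lockdown.sh rules  | sudo sh
#         sh robust_lockdown.sh grants | mysql -u root -p
case "${1:-}" in
    rules)  robust_firewall_rules ;;
    grants) robust_db_grants ;;
esac
```

Two caveats follow from the thread itself. An address allowlist only helps when you control what sits behind each allowed address: in Tom's case of an external organization whose region server and users NAT through one IP, the same rule that admits their region admits anything else on that network, and no firewall rule can tell them apart. And the grants above restrict only which source hosts may log in as the OpenSim account; the database host should additionally not be reachable from the public network at all, since no viewer ever needs to talk to it.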