[Opensim-users] about OpenSim GRID security.
Seren Seraph
seren.seraph at gmail.com
Wed Jun 4 22:38:27 UTC 2014
On 06/02/2014 04:16 PM, David Saunders wrote:
> GRid Security?
>
> Well there is a lacking of it. I been working on a ways to prevent
> grids/Simulators to connect to our network. Its built around allowing
> sims to authenticate with a configuration server that will open the
> door for them to connect to the grid services. But I not found a list
> of ports that need to open for clients to use, and been testing a
> list simulator ports to splite the services from the client to a
> public set of ports and the simulator a set of private port that can
> be open when they connect.
Why not do it at the server side with a whitelist? If the requester is
not on the list then they get no service.
>
> This would be easy if we did not allow trusted remote simulators to
> connect.
What would be the point of grid services is trusted sims could not
connect?
>
> When I asked about security lasst I was given you keep the ports a
> secret and only give them out to people you trust.
You could have one server process/virtual machine that listens on the
ports, does the whitelist and forwards legitimate requests to the actual
services. Really this isn't an opensim question but a general securing
services question. There are many different ways to do it including
firewall, VPN, whitelist, load balancer, gating service and so on.
- s
More information about the Opensim-users
mailing list