Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
0.12.0
-
None
-
None
Description
The thrift server is getting killed when using security port scan tools in the hosts running the thrift server. These tools try to connect to the open ports by sending requests to the ports, and the error can happen when accept syscall call, waiting for an incoming connection, or receiving a connection that terminates before the accept process completes, hence killing the thrift server. This can cause potential DoS (Denial of service) attacks on the applications running the thrift server, causing them to become unresponsive. Sometimes, even just running the netcat (nc -zvvvw2 <hostname> <thrift server port>) on the port remote can kill the entire thrift server, making it unresponsive.
Attachments
Issue Links
- links to