You are right. We were aware that exposing cluster to internet was a bad
idea. It was a temporary situation. We are planing to use it behind an
application in our product.
Thanks for advice.
On 09-07-2014 12:01, David Pilato wrote:
3 bad things here:
* You exposed your cluster to internet directly
* You did not disable dynamic scripting
* May be you are running your elasticsearch node as root?
You should read that documentation:
http://www.elasticsearch.org/guide/en/elasticsearch/reference/0.90/modules-scripting.html#_disabling_dynamic_scripts
--
*David Pilato* | /Technical Advocate/ | *Elasticsearch.com*
@dadoonet <https://twitter.com/dadoonet> | @elasticsearchfr
<https://twitter.com/elasticsearchfr>
Le 9 juillet 2014 à 10:45:30, Umutcan (umut...@gamegos.com
<mailto:umut...@gamegos.com>) a écrit:
Hi,
We have been testing Elasticsearch for a while. Our ES cluster was on
AWS. We installed Bigdesk, Marvel, Thrift, EC2 Discovery plugins. There
were 5 instance (1 load balancer, 4 data node) and all of them were
version 0.90.
Yesterday, We have received an e-mail from AWS. They said one of our
instance in ES cluster was making DOS attacks from UDP port 80.
We did not restrict ports, because it was an test cluster. It can be
main cause of this problem, but I still want to ask if there is a known
bug (in ES or modules or plugins) that cause something like this or if
there is anyone who have seen some kind of similar problem.
Thanks,
Umutcan Onal
--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/53BD012A.2090109%40gamegos.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com
<mailto:elasticsearch+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/etPan.53bd04d9.189a769b.6455%40MacBook-Air-de-David.local
<https://groups.google.com/d/msgid/elasticsearch/etPan.53bd04d9.189a769b.6455%40MacBook-Air-de-David.local?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/53BD0DD2.5080400%40gamegos.com.
For more options, visit https://groups.google.com/d/optout.
