[ https://issues.apache.org/jira/browse/HDFS-8906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yongjun Zhang resolved HDFS-8906.
---------------------------------
Resolution: Won't Fix
Hi [~JJHoward],
Thanks for reporting the issue, I'm closing it as 'Won't fix' per [~aw]'s
comments. Please raise if you have any concern. Thanks.
> Non Authenticated Data node Allowed to Join HDFS
> ------------------------------------------------
>
> Key: HDFS-8906
> URL: https://issues.apache.org/jira/browse/HDFS-8906
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: datanode, namenode
> Affects Versions: 0.20.2
> Environment: CentOS 6.7
> Reporter: John J. Howard
> Priority: Minor
> Labels: security
>
> An attacker with network access to a Hadoop cluster can create a spoof
> datanode that the namenode will accept into the cluster without
> authentication, allowing the attacker to run MapReduce jobs on the cluster in
> order to steal data. The spoof datanode is created by adding the namenode
> RSA SSH public key to the known hosts directory, starting Hadoop services,
> setting the IP address to be the same as a legitimate node on the Hadoop
> cluster and sending the namenode a heartbeat message with an empty namespace
> ID. This will cause the namenode to think that the spoof datanode is a node
> that had previously crashed and lost its data. The namenode will then
> connect to the spoof datanode using its SSH credentials and start replicating
> data on the spoof datanode, incorporating the spoof datanode into the
> cluster. Once incorporated, the spoof node can start issuing MapReduce jobs
> to retrieve cluster data.