I have been looking recently at rolling out Sensu for monitoring. Maybe I'm missing something, but how does a client verify the server's identity? It seems the SSL is just to secure the communication between the components and RabbitMQ, but what stops a rogue agent injecting data into the RabbitMQ queue and the clients processing this data?
"As it is now any client can push anything to sensu."

"Are there any news here? A first step would be a secure default rabbitmq queue setup. This setup should ensure that only the server has write access to the clients. In this case a compromised client can still report false data but cannot invoke commands on other clients."
Which is what I observed in testing: there doesn't seem to be any verification on the message to prove it came from the sensu server, and all clients have write access to the queues. So any client can inject commands into another client's queue, which would be unacceptable for our configuration. Are there any updates on this issue?
Simon
On Tuesday, January 6, 2015 2:18:15 PM UTC, Simon wrote:
Hello,
I have been looking recently at rolling out Sensu for monitoring. Maybe I'm missing something, but how does a client verify the server's identity? It seems the SSL is just to secure the communication between the components and RabbitMQ, but what stops a rogue agent injecting data into the RabbitMQ queue and the clients processing this data?
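The gap Simon describes has two halves: broker permissions (who may publish where) and message verification (proof that a check request came from the server rather than from a peer with write access). The following is an added example of the second half, written for this page; it is not Sensu's code and not something the thread proposes. It assumes a secret shared between the server and the clients and distributed out of band (the `SERVER_KEY` constant), and a check request shaped as a small JSON object with a `name` and `command`, both of which are assumptions. The server signs each request with HMAC-SHA256 over a canonical encoding, and the client refuses anything that fails the MAC or falls outside a freshness window, so a compromised client that can write to another client's queue cannot get its commands executed.

```python
import hashlib
import hmac
import json
import time

# Assumption: a secret shared between the Sensu server and every client,
# distributed out of band (e.g. by config management). Not a Sensu feature.
SERVER_KEY = b"replace-with-a-long-random-secret"

MAX_AGE = 300      # seconds a signed request stays valid (bounds replay)
CLOCK_SKEW = 60    # seconds of client/server clock drift tolerated


def canonical(body):
    """Deterministic byte encoding so signer and verifier MAC identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_request(body, key=SERVER_KEY, issued=None):
    """Server side: wrap a check request with an HMAC-SHA256 over its canonical form.
    The timestamp is inside the signed body, so it cannot be edited to refresh an old request."""
    body = dict(body)
    body["issued"] = int(time.time()) if issued is None else int(issued)
    sig = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def verify_request(message, key=SERVER_KEY, now=None):
    """Client side: accept a request only if the MAC verifies under the server key
    and the signed timestamp is fresh. Returns (accepted, reason)."""
    body = message.get("body") if isinstance(message, dict) else None
    sig = message.get("sig") if isinstance(message, dict) else None
    if not isinstance(body, dict) or not isinstance(sig, str):
        return False, "malformed"
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):      # constant-time comparison
        return False, "bad signature"
    now = time.time() if now is None else now
    issued = body.get("issued")
    if isinstance(issued, bool) or not isinstance(issued, (int, float)):
        return False, "missing timestamp"
    if issued < now - MAX_AGE or issued > now + CLOCK_SKEW:
        return False, "stale"
    return True, "ok"


# Constructed sample: a check request in the shape a server might publish.
SAMPLE_REQUEST = {"name": "disk_usage", "command": "check-disk.rb -w 80 -c 90"}
T0 = 1420553895  # constructed fixed timestamp so the results are reproducible


def demo():
    """Exercise the four cases a client must distinguish; returns {case: accepted}."""
    results = {}
    genuine = sign_request(SAMPLE_REQUEST, issued=T0)
    results["genuine"] = verify_request(genuine, now=T0 + 5)[0]

    # A compromised client with queue write access injects its own request.
    forged = sign_request(SAMPLE_REQUEST, key=b"attacker-has-no-server-key", issued=T0)
    results["forged"] = verify_request(forged, now=T0 + 5)[0]

    # Genuine signature reused over a body whose command was altered after signing.
    tampered = {"body": dict(genuine["body"], command="rm -rf /"), "sig": genuine["sig"]}
    results["tampered"] = verify_request(tampered, now=T0 + 5)[0]

    # A captured genuine request replayed after the freshness window has closed.
    results["replayed"] = verify_request(genuine, now=T0 + MAX_AGE + 1)[0]
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:9s}: {'accepted' if accepted else 'rejected'}")
```

Two caveats on the design. A shared HMAC key proves only that the sender held the key, so if every client also holds it (as it would for keepalives or results signed the same way), a compromised client can forge server requests; where clients must not be able to impersonate the server, give the server an asymmetric signing key and distribute only the public half to clients. The MAC also does nothing for the first half of the problem: it stops injected commands from being executed but not from being delivered, so broker permissions should still be tightened so that each client's user can write only to the exchanges the server reads from, which is what the quoted reply's "secure default rabbitmq queue setup" asks for.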