etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloudstack/tools/marvin
History
Rohit Yadav 14504dc7e3 CLOUDSTACK-6432: Prevent DNS reflection attacks 
DNS on VR should not be publically accessible as it may be prone to DNS
amplification/reflection attacks. This fixes the issue by only allowing VR
DNS (port 53) to be accessible from guest network cidr, as per the fix in:
https://issues.apache.org/jira/browse/CLOUDSTACK-6432

- Only allows guest network cidrs to query VR DNS on port 53.
- Includes marvin smoke test that checks the VR DNS accessibility checks from
  guest and non-guest network.
- Fixes Marvin sshClient to avoid using ssh agent when password is provided,
  previous some environments may have seen 'No existing session' exception without
  this fix.
- Adds a new dnspython dependency that is used to perform dns resolutions in the
  tests.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 		2016-08-30 22:39:33 +05:30
..
marvin CLOUDSTACK-6432: Prevent DNS reflection attacks 2016-08-30 22:39:33 +05:30
CHANGES.txt Missing LICENSE headers for sandbox and __init__.py's 2012-08-04 17:29:47 +05:30
DISCLAIMER.txt Adding DISCLAIMER.txt to the marvin tool. 2012-10-17 12:27:00 -04:00
LICENSE.txt CLOUDSTACK-326: Corrected marvin license file to be full ASLv2 license text 2012-10-12 16:41:17 -04:00
MANIFEST.in Missing LICENSE headers for sandbox and __init__.py's 2012-08-04 17:29:47 +05:30
mvn-setup.py marvin: Fix marvin.sync profile, fixes regression from e10f8e8 2014-08-13 11:15:41 +02:00
pom.xml Updating pom.xml version numbers for release 4.9.1.0-SNAPSHOT 2016-08-19 13:53:39 +05:30
setup.py CLOUDSTACK-6432: Prevent DNS reflection attacks 2016-08-30 22:39:33 +05:30