Operations Orchestration- Certain URLs are susceptible to DDoS attacks

  • KM03083540
  • 30-Jan-2018
  • 15-Feb-2018

Summary

Certain URLS exposed by Operations Orchestration application are susceptible to DDoS attacks. The URLs will return information which can potentially be used to construct a DDoS attack only if the user is logged in .

Question

Certain URLS exposed by Operations Orchestration application are susceptible to DDoS attacks.  The URLs will return information which can potentially be used to construct a DDoS attack only if the user is logged in .

Answer

Certain URLS exposed by Operations Orchestration application are susceptible to DDoS attacks.
The URLs will return information which can potentially be used to construct a DDoS attack only if the user is logged in .

Response:
1. Stop Central service
2. Open <OO_INSTALLATION>\central\tomcat\webapps\oo\WEB-INF\web.xml
3. Locate the following XML block:

    <servlet>
        <servlet-name>jminix</servlet-name>
        <servlet-class>org.jminix.console.servlet.MiniConsoleServlet</servlet-class>
    </servlet>


4. Surround it with XML comments like this:
<!--
    <servlet>
        <servlet-name>jminix</servlet-name>
        <servlet-class>org.jminix.console.servlet.MiniConsoleServlet</servlet-class>
    </servlet>
               -->

5. Locate the following XML block:

    <servlet-mapping>
        <servlet-name>jminix</servlet-name>
        <url-pattern>/jminix/*</url-pattern>
    </servlet-mapping>

6. Surround it with XML comments like this:
<!--
<servlet-mapping>
        <servlet-name>jminix</servlet-name>
        <url-pattern>/jminix/*</url-pattern>
    </servlet-mapping>
-->

7.  Save the file and Start Central service