clustering security risks
How does cpanel's multiple-server clustering feature affect the security of each of the individual clustered servers? For example, if one server in a cpanel cluster is rooted has cpanel's clustering feature ever been used to take down the other servers in the cpanel cluster?
The DNS clustering feature connects between servers using the WHM secure port (2087) and authenticates using the remote systems Remote Key. It doesn't use root password authentication. That said, once you have a remote servers Remote Key you can access many root functions within WHM on that server using a scripting language such as perl or PHP.
I guess that any mechanism that allows you access between servers is going to have inherent security issues. I've certainly never heard of a compromise in this fashion though. While the risk might be there, it's probably very small indeed and since clustered servers are most likely maintained by the same person, the risk of a root compromise on one server could well be the same on the others anyway.
Personally, I wouldn't worry about it too much. Just be sure to have good security and tripwire procedures in place to detect a root compromise, should you suffer one, asap.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
LinkBack URL
About LinkBacks
Reply With Quote