erlang - Is the Broker able to Block unwanted topic spammers? -
i have mqtt environment this:
there 1 (gray) sensor , 1 observer related topic room/temp, far good, sensor can publish , observer can info should.
the issue have now: need block in broker 2nd undesired client comes(the orange one),and start publish same topic, far know, mqtt loose coupled observer doesn't care pushing temp values, find security flawless when hack environment , publish non sense triggering alarms...
any suggestion?
am using emqttd way , according this there nothing in etc/emqttd.config file can avoid that...
thanks!
i have experience mosquitto but, quick read of document linked, looks there several ways achieve this.
i unclear if talking incidental problem here--i.e. bad information being accidentally sent--or if protecting against active threat.
if concerned incidental overwriting of value, simple clientid solution on (pg. 38) work.
but impression still transmitted in clear , of little use if facing actual adversary (hacker etc.). if concern setup ssl , remove non-ssl listeners. (see pg. 24). should limit traffic encrypted channel. if wish add password / user authentication (pg. 38) complete security.
alternatively, depending on configuration, block unapproved ip addresses @ firewall level (i.e. block access port broker listening on addresses except temperature sensor) or using emqttd's built in acl facility (pg. 25). less secure full ssl setup depending upon needs might enough.
Comments
Post a Comment