jhuckaby / performa

A multi-server monitoring system with a web based UI.

security question #24

Closed mle-moni closed 2 months ago

mle-moni commented 2 months ago

First, I would like to thank you for this really good software!

Now, to get to the point, I have a question about security.

The docs say:

> secret_key
>
> For communicating with Performa Satellite all your servers need to share the same secret key. This is used as a salt string to construct cryptographic authentication tokens, to securely send custom monitoring commands to be executed on your servers. When you install Satellite, you'll need to configure it with the same secret key as the master server.

When I read that, I thought that when a satellite sends data to the main Performa server, it does it by authenticating itself with the secret key, but when I glanced at the source code, I saw no such system implemented, so I wonder if an attacker could spam my main Performa server with huge amounts of fake satellite server data?

If I want to prevent this, do you have any advice on how to implement it?

jhuckaby commented 2 months ago

> but when I glanced at the source code, I saw no such system implemented

Oh my, you're absolutely right. It looks like I only partially implemented it. The auth flow happens during the hello (handshake) API call, but it isn't passed down to the second submit API call. What an oversight! Yikes.

I'll fix this right away. Thank you so much for noticing.

jhuckaby commented 2 months ago

Okay, this is all fixed in Performa v1.1.4 and Performa Satellite v1.1.4. You will have to upgrade both to the latest version.

The authentication mechanism now uses a time-based auth token, generated using the secret key, and validated in both the submit and snapshot APIs. Your server clocks all need to be within +/- 1 minute of each other for this to work.

Thanks again!
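The kind of check described in the comment above (a time-based token derived from the shared secret, verified on every data-carrying call, with a +/- 1 minute clock tolerance), as an added example that is not Performa's code or part of the original thread. The token layout, the function names `signRequest` and `verifyRequest`, the binding of the token to the API name and request body, and the sample secret and payload are all assumptions made for illustration.

```javascript
// Added illustration; not Performa's implementation. Names and layout are assumptions.
const crypto = require('crypto');

const MAX_SKEW_SEC = 60; // the +/- 1 minute clock tolerance mentioned in the thread

// HMAC over API name, timestamp and body, so a token cannot be reused
// for a different endpoint or a different payload.
function mac(secretKey, api, ts, body) {
  return crypto.createHmac('sha256', secretKey)
    .update(`${api}\n${ts}\n`)
    .update(body)
    .digest('hex');
}

// Satellite side: attach a fresh token to each request.
function signRequest(secretKey, api, body, nowSec) {
  return { api, ts: nowSec, auth: mac(secretKey, api, nowSec, body), body };
}

// Server side: returns null when accepted, otherwise a rejection reason.
function verifyRequest(secretKey, req, nowSec) {
  if (typeof req.auth !== 'string' || typeof req.body !== 'string') return 'malformed request';
  if (!Number.isInteger(req.ts)) return 'bad timestamp';
  if (Math.abs(nowSec - req.ts) > MAX_SKEW_SEC) return 'timestamp outside window';
  const expected = Buffer.from(mac(secretKey, req.api, req.ts, req.body), 'hex');
  const given = Buffer.from(req.auth, 'hex');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length) return 'bad token';
  if (!crypto.timingSafeEqual(given, expected)) return 'bad token';
  return null;
}

// Constructed sample data (not real keys or metrics).
const SECRET = 'constructed-example-secret';
const NOW = 1700000000;
const good = signRequest(SECRET, 'submit', '{"hostname":"web01","cpu":12}', NOW);

function demo() {
  return {
    valid: verifyRequest(SECRET, good, NOW + 30),
    edge: verifyRequest(SECRET, good, NOW + 60),
    stale: verifyRequest(SECRET, good, NOW + 61),
    forged: verifyRequest(SECRET, { ...good, body: '{"hostname":"web01","cpu":99}' }, NOW),
    wrongApi: verifyRequest(SECRET, { ...good, api: 'snapshot' }, NOW),
    unsigned: verifyRequest(SECRET, { api: 'submit', ts: NOW, body: '{}' }, NOW),
  };
}

console.log(demo());
```

A timestamp window limits how long a captured request stays valid but does not stop it being replayed inside that window; a server that needs stricter guarantees would also track recently seen tokens.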

mle-moni commented 2 months ago

Thank you so much for your reactivity!