-1

I am using cloud servers and they are exchanging data. I would like to secure those exchanges.

I am using RackSpace and I am worried someone could just grab information between two of my servers.

I am using HTTP and the servers are running on Linux (Ubuntu).

What is the best way?

jnbdz
  • 1
    What protocol are your servers using to communicate with each other? What kind of data are they exchanging? Have you tried anything already? Anything that works for you but is not working well enough? – chutz May 11 '12 at 04:30
  • What's your threat model? Where is your (hypothetical) attacker and what can he do? – Ladadadada May 11 '12 at 05:11
  • I am using RackSpace and I am worried someone could just grab information between two of my servers. – jnbdz May 11 '12 at 06:12
  • An ethernet cable? You don't describe your topology which makes this question impossible to answer. – dmourati May 11 '12 at 08:33
  • 1
    On Rackspace cloud (all) the instances share a common private (internal) network, and unlike EC2 you can't currently have a security group which restricts traffic to and from your instances on that network. I believe this is the insecurity the OP is referring to. – James Yale May 11 '12 at 09:52
  • James Yale, is it possible for a hacker to get data that is being exchanged between two cloud servers in RackSpace? – jnbdz May 16 '12 at 21:14
  • 1
    I expect it would be difficult, Rackspace aren't exactly new to this sort of thing. However, as with everything from a security point of view, you should assume a third party can intercept the traffic, that the network has been compromised and add in appropriate layers of security to mitigate the risk. – James Yale May 17 '12 at 08:51

3 Answers

6

You need IPsec, but not in Tunnel (VPN) mode. You want to use IPsec in transport mode.

Microsoft makes this comparatively easy to set up and manage servers with the combination of Active Directory group policy and certificate services.

On *nix... you've got quite a bit of scripting to do, and lots of reading.

rmalayter
  • 1
    Is there a *problem* with Tunnel mode in this situation? – Ladadadada May 11 '12 at 05:14
  • Simply that you do not need to set up tunnels (like a VPN) but want to run it on all traffic on a specific network, regardless of what computer you send it to. This is not what tunnel mode is created for, but transport mode. – TomTom May 11 '12 at 10:37
  • 2
    @Ladadadada, with tunnel mode you would need to set up a VPN connection from each host to every other host. That is O(N^2) connections, actually N*(N-1)/2 to be precise. So if you have 16 hosts, we're talking 120 tunnels to configure. With 32 hosts, that's 496 tunnels. Which is why transport mode exists. – rmalayter May 13 '12 at 14:45
3

Since you're using HTTP between your instances the simple solution to prevent any potential snooping of your data on the wire is to switch to HTTPS. It's designed to allow secure communication over an untrusted network, which is exactly what you've got with the shared private Rackspace network.

Here are some Ubuntu docs to get you started: https://help.ubuntu.com/10.04/serverguide/httpd.html

James Yale
  • -1. This limits him to HTTP / HTTPS where later on at least other elements may come in. IPsec was created for exactly that. – TomTom May 11 '12 at 10:39
  • @TomTom, answers can only be given for the question that was asked, not some hypothetical event in an unspecified future. Maybe it's time you learned to read questions properly. This one very clearly states HTTP, nothing else. – John Gardeniers May 13 '12 at 06:31
  • Yes, assuming that the servers ONLY talk HTTP. Nothing else. Which simply is not the case. I don't care about what you say- do not like my downvote? YOUR problem, not mine. – TomTom May 13 '12 at 10:50
  • It's not a bad solution to the problem at hand, though it does have its limitations. – Bigbio2002 May 16 '12 at 19:01
1

One way would be to use HTTPS with client certificates and peer verification. The HTTP clients would need to present an SSL certificate, and the server would only accept clients which present a valid and trusted certificate. You would need to generate your own CA and create certificates for each of the servers. The HTTP servers then need to be configured to expose HTTPS (and disable plain HTTP), require clients to provide certificates, and only accept clients which present a certificate signed by your CA. The HTTP clients would need to be configured to use HTTPS and provide the certificate.

mgorven
  • I thought about it. It just seems like a big overhead. I need to be able to add and remove servers rapidly... That's why I went with the cloud... – jnbdz May 13 '12 at 01:49
  • 2
    Any method of securing these communications is going to require effort, probably including key management. – mgorven May 13 '12 at 02:02
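
The private CA and per-server certificates described in the answer above, as an added example that is not part of the original thread. It assumes the `openssl` CLI is installed; the host names, CA names and lifetimes are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: private CA plus one certificate per server for mutual TLS.
# All names (internal-ca, other-ca, web1, web2, outsider) are constructed.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT      # sample keys only; do not leave them on disk

# Create a CA once. In real use its private key stays off the cloud servers.
make_ca() {   # $1 = CA name
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=$1" -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Issue a certificate for one server: key and CSR, then the CA's signature.
issue_cert() {   # $1 = server name, $2 = CA name
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$1.csr" -days 90 \
    -CA "$WORK/$2.crt" -CAkey "$WORK/$2.key" -CAcreateserial \
    -out "$WORK/$1.crt" 2>/dev/null
}

# The check each side applies to its peer: does the cert chain to our CA?
trusted_by() {   # $1 = server name, $2 = CA name; exit status 0 if trusted
  openssl verify -CAfile "$WORK/$2.crt" "$WORK/$1.crt" >/dev/null 2>&1
}

make_ca internal-ca
issue_cert web1 internal-ca
issue_cert web2 internal-ca     # adding a server is one more issue_cert call

make_ca other-ca                # stands in for any CA you do not control
issue_cert outsider other-ca

for host in web1 web2 outsider; do
  if trusted_by "$host" internal-ca; then
    echo "$host: accepted"
  else
    echo "$host: rejected"
  fi
done
```

On Apache, the server side of this check corresponds to `SSLVerifyClient require` with `SSLCACertificateFile` pointing at the CA certificate. Bringing up a new server then needs only a freshly issued certificate, with no change to the servers already running.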