Preventing unbound reads from files or sockets being exploited in a denial of service attack

To prevent unbound reads from files or sockets being exploited in a denial of service attack, use the Gate.Java.Arguments property with the following Java arguments:

-Dcom.ibm.csi.netcool.integrations.max_line_length: This Java argument specifies the maximum amount of data that the gateway attempts to read from the socket or file at any time.

-Dcom.ibm.csi.netcool.integrations.transporter.read_timeout: This Java argument specifies the timeout period for the gateway when reading on the socket.

The effect of these Java arguments is to make reading from files and sockets bounded in terms of the amount of data that can be read at one time (max_line_length) and the amount of time that can be spent waiting for data to be provided (read_timeout) where appropriate. You set these Java arguments using the Gate.Java.Arguments property in the gateway properties file.

To configure the -Dcom.ibm.csi.netcool.integrations.max_line_length Java argument, set the Gate.Java.Arguments property as follows:

Gate.Java.Arguments  :  '-Dcom.ibm.csi.netcool.integrations.max_line_length=xxxxx'

Where xxxxx is a number of bytes. The default is 1048576 (1MB).

To configure the -Dcom.ibm.csi.netcool.integrations.max_line_length Java argument, set the Gate.Java.Arguments property as follows:

Gate.Java.Arguments  :
       '-Dcom.ibm.csi.netcool.integrations.transporter.read_timeout=xxxxx'

Where xxxxx is the length of the timeout period in seconds. The default is 30 seconds.

Note: You can specify more than one Java argument for the Gate.Java.Arguments property by specifying a space-separated list of Java arguments within single quote marks. For example:'arg1 arg2 arg3'.

If you are using the transport module with IBM Operations Analytics - Log Analysis, you do not need to set read_timeout using a Java argument. You can instead use the readTimeout property in the scalaTransport.properties file.