aspose file tools*
The moose likes Distributed Java and the fly likes Is there any danger to exposing an RMI port/server to the internet? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of JavaScript Promises Essentials this week in the JavaScript forum!
JavaRanch » Java Forums » Java » Distributed Java
Bookmark "Is there any danger to exposing an RMI port/server to the internet?" Watch "Is there any danger to exposing an RMI port/server to the internet?" New topic
Author

Is there any danger to exposing an RMI port/server to the internet?

Marty Fried
Greenhorn

Joined: Feb 10, 2009
Posts: 18
Hi,

I've been learning RMI in a class at school. I wrote an app that works on my lan using two computers (server on Ubuntu, client on Windows XP). My DSL connection has a static IP address, and my teacher would like to show the class how this assignment (midterm) works using a remote server.

I'm wondering if having the open port for the day would be any type of security concern, not that I have anything other than a lot of configuration invested in the server. It doesn't seem like it would be much of a security concern, but I'm not very sophisticated in those matters.

Also, while I'm here, I thought I'd mention a sort of bug I came across trying to gain access to this server. It's the latest version of Ubuntu (8.10, Intrepid), and I kept getting an exception on the client: "Connection refused"; but it had an IP address of 127.0.0.1 instead of the actual address it was connecting to. I found out the error was caused by the default hosts file, which had the first two lines as:

After changing the 2nd line to the lan IP address of MyMachineName, it worked fine. Maybe this will help someone else sometimes, and save a few hours of hair pulling that it cost me.




-- Marty Fried
Left Coast, USA
Nitesh Kant
Bartender

Joined: Feb 25, 2007
Posts: 1638

Opening a port on any machine is vulnerable to hacker attacks. This is the reason why people use SSL with RMI so that its not available freely to anyone who can sniff that you have opened a port on a publicly available machine.

About the point you have mentioned, it is basically because of the fact that all RMI Stubs have a hostname and port for the server machine using which they make a connection to the server. By default the hostname is the local loopback (or the IP specified for localhost) of the server machine. Either you can change your /etc/hosts file or simply specify a jvm property java.rmi.server.hostname or use a custom client socket factory while creating the RMI stub.


apigee, a better way to API!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Is there any danger to exposing an RMI port/server to the internet?