{{Quickfixn}} Incoming Remote Endpoint Validation
Chisholm, Aidan
AChisholm at lseg.com
Thu Jan 16 09:54:50 PST 2014
Just trying to confirm some functionality - for Acceptor sessions, there appears to be no validation of incoming source IP address.
Is this by design? It's just in our current vendor engine, that we're looking to replace with QFN, there is inbound IP validation which limits the IP address that can be successfully used by each CompID (extra layer of security). This functionality appears to be missing from QFN, which exposes a security loophole and potential opportunity for misuse: anyone enabled on the firewall could pretend to be any other CompID in the system.
Regards
Aidan
Please read these warnings and restrictions:
This e-mail transmission is strictly confidential and intended solely for the ordinary user of the e-mail address to which it was addressed. It may contain legally privileged and/or CONFIDENTIAL information.
The unauthorised use, disclosure, distribution and/or copying of this e-mail or any information it contains is prohibited and could, in certain circumstances, constitute a criminal offence.
If you have received this e-mail in error or are not an intended recipient please inform London Stock Exchange Group (“LSEG”) immediately by return e-mail or telephone 020 7797 1000.
We advise that in keeping with good computing practice the recipient of this e-mail should ensure that it is virus free. We do not accept responsibility for any virus that may be transferred by way of this e-mail.
E-mail may be susceptible to data corruption, interception and unauthorised amendment, and we do not accept liability for any such corruption, interception or amendment or any consequences thereof.
Calls to London Stock Exchange Group may be recorded to enable LSEG to carry out its regulatory responsibilities.
London Stock Exchange Group plc
10 Paternoster Square
London
EC4M 7LS
Registered in England and Wales No 05369106
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quickfixn.com/pipermail/quickfixn-quickfixn.com/attachments/20140116/05da019f/attachment.htm>
More information about the Quickfixn
mailing list