Usually you need the web port and the api port but on the OVAs both are mapped to HTTPS so that should be fine then.
On 4 July 2016 at 21:17, <[email protected]> wrote: > Thank you Marius, I implemented the suggestions listed under: > http://docs.graylog.org/en/2.0/pages/configuration/graylog_ctl.html#production-readiness > apart > from: "Seperate the box network-wise from the outside, otherwise > Elasticsearch can be reached by anyone". > > I'd like to limit access to our Graylog server from one VLAN (user) to > another (servers; where Graylog is) so that only SSH is available (that is > easy), but we also need to view the web page. Which ports must be > accessible (HTTPS anything else)? > > > Dne sreda, 29. junij 2016 21.14.17 UTC+2 je oseba Marius Sturm napisala: > >> Hi, >> the OVAs in general are made for ease of setup and a quick getting >> started experience with Graylog. The trade-off of this that some services >> need to be less restricted as in a setup that is optimized for security. >> Elasticsearch and MongoDB should always placed in a seperate network as >> documented here: >> http://docs.graylog.org/en/2.0/pages/configuration/graylog_ctl.html#production-readiness >> >> If you have higher security needs please consider a manual setup of >> Graylog and make sure that all services are as secured as possible >> http://docs.graylog.org/en/2.0/pages/installation/manual_setup.html >> >> Cheers, >> Marius >> >> On 29 June 2016 at 19:57, <[email protected]> wrote: >> >>> We're using the latest version of Graylog OVA and have recently had a >>> vulnerability assesment. I'm attaching the finding from the Nessus scanner. >>> Can someone please shed some lights on these results focusing on the Medium >>> severity and esp. MongoDB Service Without Authentication Detection and Web >>> Server Generic Cookie Injection. >>> >>> Many thanks in advance. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Graylog Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/6f262db7-5494-47ce-aa54-28fde164a383%40googlegroups.com >>> <https://groups.google.com/d/msgid/graylog2/6f262db7-5494-47ce-aa54-28fde164a383%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Developer >> >> Tel.: +49 (0)40 609 452 077 >> Fax.: +49 (0)40 609 452 078 >> >> TORCH GmbH - A Graylog Company >> Poolstraße 21 >> 20335 Hamburg >> Germany >> >> https://www.graylog.com <https://www.torch.sh/> >> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >> Geschäftsführer: Lennart Koopmann (CEO) >> > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/14f3ae72-7b64-4c3c-8d85-2edd7c4363fb%40googlegroups.com > <https://groups.google.com/d/msgid/graylog2/14f3ae72-7b64-4c3c-8d85-2edd7c4363fb%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog Company Poolstraße 21 20335 Hamburg Germany https://www.graylog.com <https://www.torch.sh/> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAMqbBbJ9uirzk8WGfReGjPFkpyf1o0rFXiTiJEzYe5xyDB7L4w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
