GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-513060932
I opened PR #3504; the proposal is to change the default value of
'_integration.api.port_' from 8096 to 0. Deployed a
GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-510912581
@rhtyd I used the command `cloudstack-setup-databases`.
GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-510688691
Checked and rechecked. Port 8096 is definitely enabled by default (tested
with Ubuntu).
1. Deploy a fresh
GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-507733006
I agree with you both @rhtyd @onitake.
Considering the risks involved, I see some quick and easy ways to mitigate
GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-507714026
@onitake I agree, I have seen some gray lines on this implementation as
well. However, it is possible to disable it
GabrielBrascher commented on issue #3450: Port 8096 allows unauthenticated
access from any IP.
URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-507682112
Closing this issue. However, I think that port 8096 is not disabled by
default, at least on ACS environments deployed
