You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consider the following scenario (very hypothetical):
an attacker finds his way into the internal network
performs a DOS attack on the agent container to crash/restart it
because of the first come first serve policy, the attacker then takes over the entire docker host using a secondary portainer-web instance
I'm using UFW and docker's default iptables don't play well with it, meaning all rules regarding docker containers are ignored, hence there is no benefit in limiting 9001 to the portainer-web host, leaving me vulnerable to such an attack.
Is there a way to mitigate such an attack?
The text was updated successfully, but these errors were encountered:
Consider the following scenario (very hypothetical):
I'm using UFW and docker's default iptables don't play well with it, meaning all rules regarding docker containers are ignored, hence there is no benefit in limiting 9001 to the portainer-web host, leaving me vulnerable to such an attack.
Is there a way to mitigate such an attack?
The text was updated successfully, but these errors were encountered: