ansible-collections/phpipam_scan_agent
2
0
Fork 0
Code Issues 10 Pull Requests Actions Projects Releases 7 Wiki Activity

feat(scanner): if an auth token has been set, fail non-https communication with server

Browse Source 
except to localhost.

!11 #1
This commit is contained in:
Jon Lockwood
2024-02-24 20:11:06 +09:30
parent 15b0ddb068
commit b005a31aab
2 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/projects/ansible/collection/phpipam_scan_agent/scanner.md
View File

@ -102,3 +102,5 @@ Once the [server component](server.md#remote%20network%20scannning) has been set
!!! danger "Security"
Failing to secure the server component communication with TLS will allow anyone with direct access to the line of communication to view the `auth_token`. Anyone who has the `auth_token` will be able to upload data to the server.
In an attempt to mitigate this, the scanner will fail to communicate with the server if you have set an `auth_token` and attempt non-TLS communication with the server.