audit(gremlin): journiv FAIL 2026-05-04
This commit is contained in:
parent
aa6500a69d
commit
512652af93
1 changed files with 25 additions and 0 deletions
25
Netgrimoire/Audits/journiv-2026-05-04.md
Normal file
25
Netgrimoire/Audits/journiv-2026-05-04.md
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
title: Audit - journiv.yaml
|
||||||
|
description: Gremlin audit report 2026-05-04
|
||||||
|
published: true
|
||||||
|
date: 2026-05-04T11:19:00.124Z
|
||||||
|
tags: gremlin,audit
|
||||||
|
editor: markdown
|
||||||
|
dateCreated: 2026-05-04T11:19:00.124Z
|
||||||
|
---
|
||||||
|
|
||||||
|
# Audit Report — journiv.yaml
|
||||||
|
|
||||||
|
**Date:** 2026-05-04
|
||||||
|
**File:** swarm/journiv.yaml
|
||||||
|
**Type:** Docker Compose
|
||||||
|
**Verdict:** FAIL
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
PASS Caddyfile configured for admin access on port 2019.
|
||||||
|
FAIL No explicit entries in the Caddyfile for services exposing ports. Review swarm/journiv.yaml for any service definitions that expose ports and ensure they are correctly referenced in the Caddyfile.
|
||||||
|
FAIL There are default passwords used in the configuration, especially for Crowdsec. Replace default passwords with secure ones immediately.
|
||||||
|
FAIL Some services are running in privileged mode. Verify if these privileges are necessary and reduce them to the minimum required for security.
|
||||||
|
PASS No obvious unnecessary forwarded headers in the Caddyfile.
|
||||||
|
VERDICT: FAIL
|
||||||
Loading…
Add table
Add a link
Reference in a new issue