Management interfaces shouldn’t even be accessible from the general LAN.
Comment on Palo Alto Networks confirms mystery zero day now exploited
thejml@lemm.ee 21 hours ago
with the US-based security vendor on November 11 urging customers to pull their management interfaces off the public internet or restrict them to known IP addresses.
Why would you EVER put management interfaces on the public internet? What terrible decisions led them down that path? VPN is so quick and easy at a minimum.
catloaf@lemm.ee 16 hours ago
Evotech@lemmy.world 20 hours ago
I know right, 99% of these caves are against management interfaces too
jdeath@lemm.ee 15 hours ago
zero trust?
qjkxbmwvz@startrek.website 18 hours ago
The network gear I manage is only accessible via VPN, or from a trusted internal network…
…and by “my network” I mean my home network (a router and a few managed switches and access points). If a doofus like me can set it up for my home, I’d think that actual companies would be able to figure it out, too.