AMQP clear text authentication issue - rabbit mq how to solve ?
4,886 views
Skip to first unread message
Anto Telvin Mathew
Sep 27, 2016, 12:27:31 AM9/27/16
to rabbitmq-users
Hi Team , nessus scanner identified AMQP clear text authentication as a Medium vulnerability . Any idea how to resolve the same .
Karl Nilsson
Sep 27, 2016, 3:48:04 AM9/27/16
to rabbitm...@googlegroups.com
Hi,
Cheers
Karl
On 27 September 2016 at 05:27, Anto Telvin Mathew <telvi...@gmail.com> wrote:
Hi Team , nessus scanner identified AMQP clear text authentication as a Medium vulnerability . Any idea how to resolve the same .
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitmq-users@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Karl Nilsson
Staff Software Engineer, Pivotal/RabbitMQ
Michael Klishin
Sep 27, 2016, 4:11:42 AM9/27/16
to rabbitm...@googlegroups.com
To clarify: "unencrypted" here refers to client connections.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
To post to this group, send email to rabbitm...@googlegroups.com.
Michael Klishin
Sep 27, 2016, 4:51:37 AM9/27/16
to Anto Telvin Mathew, rabbitm...@googlegroups.com
+rabbitmq-users — please CC the list. I do not offer 1-on-1 RabbitMQ consulting of any kind.
See http://www.rabbitmq.com/networking.html and http://www.rabbitmq.com/configure.html
to find out how TCP listeners are configured in RabbitMQ and http://www.rabbitmq.com/ssl.html
for TLS specifically.
On 27 September 2016 at 11:48:55, Anto Telvin Mathew (telvi...@gmail.com) wrote:
> Can you share the step by step changes we need to do . Very new to this DB
> & issue.
>
>
>
> On Tuesday, September 27, 2016 at 1:41:42 PM UTC+5:30, Michael Klishin
> >> To post to this group, send email to rabbitm...@googlegroups.com
> >> .
> > .
MK
Staff Software Engineer, Pivotal/RabbitMQ
See http://www.rabbitmq.com/networking.html and http://www.rabbitmq.com/configure.html
to find out how TCP listeners are configured in RabbitMQ and http://www.rabbitmq.com/ssl.html
for TLS specifically.
On 27 September 2016 at 11:48:55, Anto Telvin Mathew (telvi...@gmail.com) wrote:
> Can you share the step by step changes we need to do . Very new to this DB
> & issue.
>
>
>
> On Tuesday, September 27, 2016 at 1:41:42 PM UTC+5:30, Michael Klishin
> wrote:
> >
> > To clarify: "unencrypted" here refers to client connections.
> >
> > On 27 Sep 2016, at 10:47, Karl Nilsson >
> >
> > To clarify: "unencrypted" here refers to client connections.
> >
> > On 27 Sep 2016, at 10:47, Karl Nilsson >
> > wrote:
> >
> > Hi,
> >
> > You could use TLS [1] and disable unencrypted access in the configuration
> > file.
> >
> > [1]. https://www.rabbitmq.com/ssl.html
> >
> > Cheers
> > Karl
> >
> > On 27 September 2016 at 05:27, Anto Telvin Mathew > > > wrote:
> >
> >> Hi Team , nessus scanner identified AMQP clear text authentication as a
> >> Medium vulnerability . Any idea how to resolve the same .
> >>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "rabbitmq-users" group.
> >> To unsubscribe from this group and stop receiving emails from it, send an
> >> email to rabbitmq-user...@googlegroups.com .
> >
> > Hi,
> >
> > You could use TLS [1] and disable unencrypted access in the configuration
> > file.
> >
> > [1]. https://www.rabbitmq.com/ssl.html
> >
> > Cheers
> > Karl
> >
> > On 27 September 2016 at 05:27, Anto Telvin Mathew > > > wrote:
> >
> >> Hi Team , nessus scanner identified AMQP clear text authentication as a
> >> Medium vulnerability . Any idea how to resolve the same .
> >>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "rabbitmq-users" group.
> >> To unsubscribe from this group and stop receiving emails from it, send an
> >> To post to this group, send email to rabbitm...@googlegroups.com
> >> .
> >> For more options, visit https://groups.google.com/d/optout.
> >>
> >
> >
> >
> > --
> > Karl Nilsson
> >
> > Staff Software Engineer, Pivotal/RabbitMQ
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "rabbitmq-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to rabbitmq-user...@googlegroups.com .
> > To post to this group, send email to rabbitm...@googlegroups.com
> >>
> >
> >
> >
> > --
> > Karl Nilsson
> >
> > Staff Software Engineer, Pivotal/RabbitMQ
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "rabbitmq-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to rabbitmq-user...@googlegroups.com .
> > .
MK
Staff Software Engineer, Pivotal/RabbitMQ
Reply all
Reply to author
Forward
0 new messages