Stop Redis from listening on port


teddy...@instantsystems.se

Aug 3, 2017, 5:41:27 AM8/3/17
to RCDevs Security Solutions - Technical
We are just now doing a pentest on our system using WebADM with two-way auth. The pentest company found an exploit and was able to change the content. Is there any way to stop using Redis and still be able to use WebADM, or stop listening on the port and only accept connections from localhost?

ben

Aug 3, 2017, 5:50:31 AM8/3/17
to RCDevs Security Solutions - Technical
Hi,
you could set a password for Redis:


- encrypt a new password with /opt/webadm/bin/pwcrypt

- add the encrypted password in /opt/webadm/conf/server.xml on each node with the "secret" parameter:

    <SessionServer name="Session Server x"
                   host="192.168.3.1"
                   port="4000"
                   secret="{wcrypt}tKs8R4bd0Nva1n1HO/obeg=="/>


- restart each node

You can verify the password with telnet:

    telnet localhost 4000   --> connect to the local Redis node

    keys *                  --> search for keys; requires authentication

    auth my_password        --> authenticate with my_password

    quit                    --> close the connection


A suggested step-by-step procedure:

1) Shutdown webadm service on Node 2.

2) Make sure OpenOTP works correctly with the remaining leg.

3) Change Redis settings on Node 2 with the encrypted password.

4) Restart Node 2 and test it.

5) Shutdown webadm service on Node 1.

6) Test that Node 2 works alone correctly.

7) Change Redis settings on Node 1 with the encrypted password and restart and test it.

8) Restart webadm on Node 2 and test that everything works now.


Kind regards
Benedetto
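The telnet check above, as an added example that is not from this thread or from RCDevs: a small Python script that speaks the Redis wire protocol (RESP) to a session server, confirms that KEYS is refused before AUTH, and that the configured password is accepted. Host, port and password are assumed values you replace with your own.

```python
import socket


def encode_command(*args: str) -> bytes:
    """Encode a command as a RESP array, the format Redis reads on the wire."""
    out = [f"*{len(args)}\r\n".encode()]
    for arg in args:
        data = arg.encode()
        out.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(out)


def parse_reply(raw: bytes) -> tuple:
    """Classify the first line of a RESP reply as ('error' | 'ok' | 'data', text)."""
    line = raw.split(b"\r\n", 1)[0].decode(errors="replace")
    if line.startswith("-"):
        return ("error", line[1:])
    if line.startswith("+"):
        return ("ok", line[1:])
    return ("data", line)


def requires_auth(reply: bytes) -> bool:
    """True when the server refused the command for lack of authentication.
    Current Redis answers '-NOAUTH ...'; very old releases answered
    '-ERR operation not permitted' when requirepass was set."""
    kind, msg = parse_reply(reply)
    upper = msg.upper()
    return kind == "error" and ("NOAUTH" in upper or "NOT PERMITTED" in upper)


def check_session_server(host="127.0.0.1", port=4000, password=None, timeout=3.0) -> dict:
    """Connect to a WebADM session server (Redis) and report whether KEYS works
    without AUTH (a finding) and whether the supplied password is accepted."""
    findings = {"unauthenticated_keys_allowed": None, "auth_ok": None}
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(encode_command("KEYS", "*"))
        findings["unauthenticated_keys_allowed"] = not requires_auth(sock.recv(4096))
        if password is not None:
            sock.sendall(encode_command("AUTH", password))
            findings["auth_ok"] = parse_reply(sock.recv(4096))[0] == "ok"
        sock.sendall(encode_command("QUIT"))
    return findings


if __name__ == "__main__":
    # Assumed host/port/password; replace with your node's values.
    print(check_session_server("127.0.0.1", 4000, "my_password"))
```

Run it on each node after step 3 and step 7 of the procedure; `unauthenticated_keys_allowed` should be `False` and `auth_ok` should be `True` once the secret is in place.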

teddy...@instantsystems.se

Aug 3, 2017, 9:13:34 AM8/3/17
to RCDevs Security Solutions - Technical
Tnx Ben, very helpful.