PaloAltoNetworks / azure

VM-Series ARM Templates for Microsoft Azure
https://github.com/PaloAltoNetworks/azure
117 stars 156 forks source link

Disable SSL #20

Open ptglynn opened 4 years ago

ptglynn commented 4 years ago

Description

Add "--ssl-mode=DISABLED" to sql password guessing attack. This disables SSL encryption between the client and the server.

The sql password guessing attack is not detected by the firewall due to the use of SSL between the client and the server.

How Has This Been Tested?

Deployed the ARM template Verified failure to detect/prevent the attack Added the string to the file Re-tested to validate that the attack is now detected/prevented.

Screenshots (if appropriate)

Types of changes

Checklist