I need a solution
Hi,
We've recently had some external pen-testers in who have raised concerns over the ability to access the dafault Tomcat URL via https://<DCS_SERVER_IP>:8081 from local workstation browsers.
This is a newly installed DCS:SA system and although anyone accessig this URL would also require authorised login credentials, the preference is that no users can access the URL:8081.
What is the best-practice for hiding the Tomcat URL from users on the local network? Would restricting firewalls so that only someone logging in locally the DCS server can access it be a recommendation? Or should an alternate (other than default 8081) port number be considered?
Any advice will be very much appreciated.
KS
0
