How to determine the Redis attack source?

10/9/2019

I am using a Redis Docker image in Kubernetes. Everything was working fine with my programs that connect to Redis using both the R client (rredis) and the Python client (redis) until recently, when the Redis pod started logging the following error:

Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted.

I found a post that indicated it could be due to my system's health checks. How would I determine if that is the case? How would I determine the origination of the attacks, please?

-- calycolor
docker
kubernetes
redis

0 Answers