This repository has been archived by the owner on Feb 16, 2021. It is now read-only.

Should we allow scanning localhost/127/RFC1918? #54

Open
claudijd opened this issue Jun 6, 2017 · 0 comments

claudijd commented Jun 6, 2017

I was thinking this would be a no-brainer, but then again, I kind of want to scan localhost. I suppose maybe this could be just adding features that describe what can/cannot be scanned, in case someone runs this on their edge and wants to prevent internal scanning from external sources.

I suppose one simple solution would be to allow the ability to restrict RFC1918 ranges in the API config and reject any submission requests for that. This could be just a set of CIDRs or individual addrs that we check before we scan.

It's currently not an issue as we host the service in a VPS, but would be more relevant if we self-hosted.

@claudijd claudijd changed the title Should we allow scanning localhost/127 Should we allow scanning localhost/127/RFC1918? Jun 6, 2017
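
One way to implement the pre-scan check proposed in the issue above, as an added example that is not part of the original thread or the project's code. The names `check_target` and `DEFAULT_DENY` and the injectable `resolver` are assumptions, and the default list goes beyond RFC1918 to cover loopback, link-local and the IPv6 equivalents.

```python
import ipaddress
import socket

# Hypothetical API config value: ranges for which scan submissions are rejected.
DEFAULT_DENY = [
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
]

def _system_resolver(host):
    """Resolve a hostname to the set of addresses the scanner could reach."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def _normalize(text):
    """Parse an address; unwrap IPv4-mapped IPv6 so ::ffff:10.0.0.1 is seen as 10.0.0.1."""
    addr = ipaddress.ip_address(text.split("%", 1)[0])  # drop any IPv6 zone id
    return getattr(addr, "ipv4_mapped", None) or addr

def check_target(target, deny_cidrs=DEFAULT_DENY, resolver=_system_resolver):
    """Return (allowed, reason) for a submitted scan target (IP literal or hostname)."""
    nets = [ipaddress.ip_network(c) for c in deny_cidrs]
    try:
        addrs = [_normalize(target)]
    except ValueError:
        # Not an IP literal: vet every address the name resolves to.
        try:
            addrs = [_normalize(a) for a in resolver(target)]
        except (OSError, ValueError) as exc:
            return False, f"cannot resolve {target!r}: {exc}"
    if not addrs:
        return False, f"{target!r} resolved to no addresses"
    for addr in addrs:
        for net in nets:
            if addr.version == net.version and addr in net:
                return False, f"{addr} is in denied range {net}"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample submissions; 203.0.113.0/24 is a documentation range.
    for t in ["127.0.0.1", "::ffff:192.168.0.7", "203.0.113.10"]:
        print(t, check_target(t))
```

The scanner should then connect to the address that was vetted rather than resolving the hostname a second time, so the check and the scan see the same answer.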