Vagrant used to ship with a default keypair and was difficult to rotate.
**fixed with new versions of Vagrant. Finding hosts using the default key still pretty likely.
Did you change your SSH keys?
Default Credentials
root/vagrant vagrant/vagrant
No pass to sudo :-)
Scanning for the default key using metasploit (ssh_login_pubkey module)
Log in with private key
1 comment:
You can always protect your website with Web Application Firewall from cloud-based security provider like Incapsula.
Tools Lists
1. Scan My Server
2. SUCURI
3. Qualys SSL Labs, Qualys FreeScan
4. Quttera
5. Detectify
6. SiteGuarding
7. Web Inspector
8. Acunetix
9. Asafa Web
10. Netsparker Cloud
11. UpGuard Web Scan
12. Tinfoil Security
Post a Comment