guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sciUser <>
Subject Re: Guacamole With F5 Waf
Date Sun, 14 Apr 2019 17:04:15 GMT
I recommend you tail the tomcat logs to capture normal operations of the Post
and Get requests then add that to your WAF rule set, anything outside that

This can be simple as copying the log syntax and adding it to the WAF.
I use firewalld and IPTABLES algo. 

You can actually make it so that the GUACD and MYSQL only talk to each other
if a certificate (PKI) is validated between each other.
I would also run the SQL security script (mysql_secure_installation) to lock
down the database.

Also if you haven't done this yet, adding a password to Mysql core database
(be surprised how many forget).

Hope this helps

Thank You

Sent from:

View raw message