Hacker News new | ask | show | jobs
by alpb 3022 days ago
I'm trying to understand what the issue here was. Did they publicly expose the kubelet port on the internet?
2 comments
jc_sec 3022 days ago
Yep. The kubelet ports were exposed. From the article:

As it turns out, our coworker’s server was also publicly exposing the kubelet ports (tcp 10250, tcp 10255). Although the problem here was obvious, it should raise some questions about your own Kubernetes deployment, as it did for us.

link
jc_sec 3022 days ago
Try a quick nmap scan on an AWS or Google IP range for tcp port 10250 to see some scary results.
link