aptos-ait2 icon indicating copy to clipboard operation
aptos-ait2 copied to clipboard

Published 20 hours ago verified publisher icon aptos-labs

suspected vulnerability of the metrics port 9101

Open grassets-tech opened this issue 3 years ago • 1 comments

Issue statement: We have noticed significant Tx increase utilising full 1Gbs network bandwidth since the latest changes applied about 12 hours ago. RX packets 1882428703 bytes 5192380941113 (5.1 TB) --> IP 129.151.73.134 using wide range of ports.

The latest changes were to update to the image testnet_f5d8013b0a1851da8e078394d83130d3adaf7670 and setting the timeout to 2000ms.

On diagram below you can see Tx increase at around 8:30 UTC+1 image

Workaround solution:

close metric port 9101. On diagram below you can see Tx is back to normal at around 23:30 UTC+1

image

grassets-tech avatar Jul 21 '22 06:07 grassets-tech

Yes, we did get several report that people getting attacked on metrics port, please make sure you keep the port closed. This is part of our documentation for node best practice

sherry-x avatar Jul 22 '22 04:07 sherry-x