I'm a web developer. I used to work in an environment where I could build entire production web sites and run them in local IIS for debugging purposes.
I recently switched jobs and now that's not allowed anymore. Security policy (please don't ask about it) does not allow for me to run IIS on my development workstation. However, it seems that there is no reason why I may not attach a remote debugger (msvsmon.exe) to the IIS running the development web site because it is not public-facing (neither is my workstation public facing, but let's not talk about the security policy that I have no control over).
I would like to know wha开发者_如何学JAVAt security concerns there are for using the remote debugger. The documentation says that UDP port 135 must be open between the remote development workstation and the web server being debugged...
Is there any particular security concern that I should bear in mind?
The only security concerns would be internal traffic sniffing on that port in case https traffic was being debugged and the unencrypted values were part of what was being debugged this data would likely go over the wire unencrypted.
Also, the vulnerabilities in the service that receives the UDP packets could be futzed with (again internally) to gain access in a way that would normally not be available (UDP port listening off).
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论