Ports exposed

No TCP/UDP Ports Exposed

Not exposing any TCP/UDP ports during the initial stage of a service or container deployment is a security measure that limits network access.

Impact

1. Reduced attack surface: Minimizes potential entry points) for network-based attacks.
2. Improved security posture: Prevents unauthorized access to services that may not be fully configured or secured.
3. Network isolation: The service cannot receive incoming connections, limiting its ability to interact with other network entities.
4. Outbound connections: While incoming connections are blocked, the service can still initiate outbound connections if needed.

Considerations

1. Service accessibility: Services requiring incoming connections will require port exposure at a later stage.
2. Inter-service communication: In containerized environments, internal communication may still be possible through container networks without exposing ports externally.

What next?

Consider reading up on:

• All Linux capabilities dropped
• Services run with UserID 65535