Cloud-based software and services can be used to perform debugging operations, such as implementing breakpoint debugging and step debugging, and viewing stack information. This is called remote debugging. Protocols such as GDB, Java Debug Wire Protocol (JDWP), Xdebug, and Android Debug Bridge (ADB) can be used to debug scripts, binary files, and system files that are written in different programming languages. The programming languages include C, C++, Java, PHP, and Android.
Impacts
Remote debugging protocols have permissions on remote software and services. This may cause remote command execution.
- Unauthorized operations performed by an employee of an enterprise
Open remote debugging services can be used to remotely run commands and fully control hosts.
- Attacks
After attackers scan the ports that are open to the Internet for remote debugging services on the cloud, the attackers can implement remote command execution. As a result, the attackers have full permissions on your hosts and can perform operations such as trojan insertion and data theft.
- Spreading of worms and trojans
Worms and trojans can spread over remote debugging protocols, which causes threats such as mining activities and ransomware.
Operations in the Cloud Firewall console
The rules that you can use to disable remote debugging in the cloud are in Monitor mode. If you want to disable remote debugging in the cloud, you can log on to the Cloud Firewall console, choose , and click Customize in the Basic Protection section. In the Customize Basic Protection Policies dialog box, change the mode of some or all related rules to Block. This prevents or minimizes the preceding impacts in an efficient manner.