Our institution recently had a “pentest” and they flagged our main BigFix server as having a potential issue. In particular, they said the masthead file was available from the Internet, meaning someone could see our license number, company, etc. Now I have our Information Security group asking about this.
We need to have our BigFix server facing the Internet if we want to patch systems on the road (laptops, computers at home, etc.) so I don’t think there’s anyway to block this?
We’re running the latest release 10.0.7.