How to Harden AI Instances for Privacy and Security
Background Last month, Cisco researchers detected over 1,000 Ollama instances within the first 10 minutes using Shodan scanning on 11434 port. Other services such as vLLM/llama.cpp/LangChain on 8000, LM Studio on 1234, GPT4All on 4891, are also identified. Later, Censys found 10.6K Ollama instances publicly available online, and 1.5K of these instances respond to prompts. That poses not only a great security risk of RCE, injection and poisoning, but also possible to expose private chat memory via unauthorized prompting. ...