Add some lines to Exploit Detection and Mitigation

Author: mpizala

documentation/modules/exploit/linux/http/rancher_server.md

@@ -138,10 +138,26 @@ Architecture : x64
 Meterpreter  : x64/linux
 meterpreter >
 ```
+## Exploit Detection
+Rancher Server has an [audit log][7]. While running this module two
+events (create and delete) were logged. Even though the container is 
+deleted, its still able to be viewed from the link in the audit log.
+
+## Mitigation
+* Do not deploy a Rancher Host on the same host where the Rancher
+  Server is. Your entire rancher infrastructure is in [danger][8].
+* Only allow trusted users to have more permissions than read-only.
+
+Docker protection such as Username Namespaces could not be applied
+because Rancher Agents run as a privileged container.
+
 
 [1]:https://www.debian.org/releases/stretch/amd64/index.html.en
 [2]:https://docs.docker.com/engine/installation/linux/docker-ce/debian/
-[3]:http://rancher.com/docs/rancher/v1.6/en/installing-rancher/installing-server/#launching-rancher-server---single-container-non-ha
-[4]:http://rancher.com/docs/rancher/v1.6/en/hosts/#adding-a-host
-[5]:http://rancher.com/docs/rancher/v1.6/en/api/v2-beta/api-keys/
-[6]:http://rancher.com/docs/rancher/v1.6/en/environments/#membership-roles
+[3]:https://rancher.com/docs/rancher/v1.6/en/installing-rancher/installing-server/#launching-rancher-server---single-container-non-ha
+[4]:https://rancher.com/docs/rancher/v1.6/en/hosts/#adding-a-host
+[5]:https://rancher.com/docs/rancher/v1.6/en/api/v2-beta/api-keys/
+[6]:https://rancher.com/docs/rancher/v1.6/en/environments/#membership-roles
+[7]:https://rancher.com/docs/rancher/v1.6/en/rancher-services/audit-log/
+[8]:https://rancher.com/docs/rancher/v1.6/en/faqs/troubleshooting/#help-i-turned-on-access-controldocsrancherv16enconfigurationaccess-control-and-can-no-longer-access-rancher-how-do-i-reset-rancher-to-disable-access-control
+[9]:https://rancher.com/docs/rancher/v1.6/en/installing-rancher/selinux/