By default, unless you are specifically blocking parts of CQ from your dispatcher, you could be exposing your Packages and Replication agents to the world.
You can fix this by adding this snippet to the /filter section of your dispatcher.any file:
/glob "* /etc/*"
/glob "* /etc/clientlibs/*"
/glob "* /etc/designs/*"
It doesn't matter where in the filter you put it, as long as the "deny" is first and the "allow" follows it. There may also be a need for some additional allow statements but the key to take away is not to explicitly allow everything within the entire /etc path.