Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Fresh, from Bucharest...

January 12, 2017 by Marc Handelman in Believe It Or Not, All is Information, Data Security, Database Security, DBMS Security, Information Security

Via CIO Romania correspondent Lucian Constantin, comes bad news indeed, for MongoDB users, that is:

'Five groups of attackers are competing to delete as many publicly accessible MongoDB databases as possible' - via CIO reporter Lucian Constantin

My suggestion is to, um - perhaps...not expose your database layer to external contact... Perhaps a DENY ALL to rule for your MongoDB deployment in your firewall would be helpful as well... just saying. Oh, and very good advice from Lucian at the end of his reportage: Use the MongoDB security checklist. It is - I can assure you - prietenul tău!. I also strongly suggest taking the time to read the Security Hardening documention from MongoDB; you can also download an EPUB version of the MongoDB manual. You'll be glad you did. That is all.

Tip of the Tam o'Shanter

January 12, 2017 /Marc Handelman /Source
Believe It Or Not, All is Information, Data Security, Database Security, DBMS Security, Information Security
  • Newer
  • Older