0

as you know there have been many attacks recently and tens of thousands of MongoDB databases were hacked and the data is held for ransom. Even mainstream news sources like BBC covered this.

Many sources claim that only Mongo versions below 2.6 are affected. Unfortunately, I can confirm that versions above 3 (part of MEAN stack) also can be hacked...

Can you please provide some recommendations for modifying the default config that Mongo comes with so that it is more secure. The official guide has several options here. It would be nice to hear your what the 'real people' have to sya.

372
  • 237
  • 2
  • 10
  • This isn't [on-topic](http://stackoverflow.com/help/on-topic) as a programming question for StackOverflow. Information Security StackExchange would be more appropriate, but there are already many similar questions and answers (eg: [How to secure a MongoDB instance?](http://security.stackexchange.com/questions/7610/how-to-secure-a-mongodb-instance?rq=1)). The recent attackers are not "hacking" in the traditional sense of exploiting software bugs: they are connecting to unsecured services on the public internet (i.e. no authentication, no firewall, and full external access). – Stennie Jan 20 '17 at 02:41
  • The real world solution is as described in the blog post you referenced: secure, backup, and monitor any services you deploy. It's a safe assumption that any service listening on the public internet will be discovered and attacked. An unsecured service is the easiest of targets, but the next step is moving on to known exploits (outdated O/S and software versions) or more traditional hacking (eg. brute force login attempts). If a service doesn't need to be public, keep it private (and still follow best practices for security, such as enabling authentication). – Stennie Jan 20 '17 at 02:41
  • don't bind mongodb to all network interfaces unless necessary, use a firewall, enable authentication. – ares Jan 20 '17 at 05:49

0 Answers0