Reply to post: Re: Firewall ?

Dumb MongoDB admins spew 600 TERABYTES of unauthenticated data

Anonymous Coward
Anonymous Coward

Re: Firewall ?

I thought the same, the default firewall rules would have prevented this. iptables defaults to allow localhost/loopback traffic and just because it's bound to all interfaces, someone must still have opened the port(s) on the firewall for it to be Internet accessible.

"Matherly says the near 30,000 databases are exposed through the use of older versions of the platform that fail to bind to localhost."

Personally I'm of the view that unless customers need to directly connect to a service, it should be behind a VPN (i.e. if they had it open to the 'net to integrate with another system, those two systems should be VPN'd if they can't be physically located together).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019