cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Ellis <>
Subject Reminder: don't listen on public addresses
Date Fri, 20 Jan 2017 17:29:29 GMT
MongoDB has been in the news for hackers deleting unsecured databases and
demanding money to return the data.

Now copycats are starting to look at other targets too like the thousands
of unsecured Cassandra databases.

Preventing this is very simple: don't allow Cassandra to listen on public

Of course additional security measures are useful as defense in depth, but
bottom line if the bad guys can't connect to your cluster they can't harm

Jonathan Ellis

View raw message