cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Ellis <jbel...@gmail.com>
Subject Reminder: don't listen on public addresses
Date Fri, 20 Jan 2017 17:29:29 GMT
MongoDB has been in the news for hackers deleting unsecured databases and
demanding money to return the data.

Now copycats are starting to look at other targets too like the thousands
of unsecured Cassandra databases.

Preventing this is very simple: don't allow Cassandra to listen on public
interfaces.

Of course additional security measures are useful as defense in depth, but
bottom line if the bad guys can't connect to your cluster they can't harm
it.

-- 
Jonathan Ellis
co-founder, http://www.datastax.com
@spyced

Mime
View raw message