居然是你
风险预报

风险预报

超过5千以上的Kibana实例裸奔在互联网上,国内第二!

资讯动态medcl 发表了文章 • 2 个评论 • 4387 次浏览 • 2017-08-02 15:20 • 来自相关话题

消息来自:https://medium.com/%40SergiuSe ... 4af48 因为这个网址不存在,所以搬过来大家一起看看,请自查自家服务器是不是快乐的在裸奔,嘿,要管管了啊。 试试: https://www.zoomeye.org/search ... Dhost  https://www.shodan.io/search?query=kibana​    Over 5,000 Kibana instances exposed on the internet I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded. The query syntax that I used was the following: kibana port:”5601".
1-Hq_v5wzUz4DVDWfDDKM1_w.png
  Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about). Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html
1-ZhLEr1uzB5du22GM1cZ8PA.png
  去年的大规模勒索事件,大家应该还记得吧,什么,ES你也裸奔着,你。。。  

超过5千以上的Kibana实例裸奔在互联网上,国内第二!

资讯动态medcl 发表了文章 • 2 个评论 • 4387 次浏览 • 2017-08-02 15:20 • 来自相关话题

消息来自:https://medium.com/%40SergiuSe ... 4af48 因为这个网址不存在,所以搬过来大家一起看看,请自查自家服务器是不是快乐的在裸奔,嘿,要管管了啊。 试试: https://www.zoomeye.org/search ... Dhost  https://www.shodan.io/search?query=kibana​    Over 5,000 Kibana instances exposed on the internet I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded. The query syntax that I used was the following: kibana port:”5601".
1-Hq_v5wzUz4DVDWfDDKM1_w.png
  Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about). Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html
1-ZhLEr1uzB5du22GM1cZ8PA.png
  去年的大规模勒索事件,大家应该还记得吧,什么,ES你也裸奔着,你。。。