Karl Schrade

MongoDB

Discussion created by Karl Schrade on Mar 10, 2015

I recently had a discussion with one of our customers about the several issues with unprotected or insecure installations of MongoDB. I found this info in the community:

And in addition to QID 19965, there are 2 QIDs related to MongoDB: QID 122710 and 45167. So far so good; this means a customer running VM scans on a regular basis should be able to report on instances of MongoDB.

BUT: The default ports of MongoDB are not included in the standard TCP port setting for VM scans! The default ports are 27107, 27018, 27019, 28017. So in order to find MongoDB instances with VM scanning, you need to include these ports manually, do a full TCP port scan, or create an option profile to scan those ports only. But this, of course, will only find default installations where the ports are not changed.

Question to Qualys: When can we expect to have those default ports included in the standard TCP port set? This would really help.

Thanks

Karl
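
A scan profile's TCP port list can be checked for this gap before a scan runs. The following is an added example, not part of the original post and not Qualys tooling; it assumes the port list is a comma-separated string of ports and ranges, uses a constructed sample list, and takes 27017 as MongoDB's default mongod port alongside the 27018, 27019 and 28017 named in the post.

```python
# Added example: does a scan profile's TCP port list cover MongoDB's defaults?
# Assumption: the list is written as comma-separated ports and ranges.

MONGODB_DEFAULT_PORTS = {
    27017: "mongod / mongos default",
    27018: "mongod started with --shardsvr",
    27019: "mongod started with --configsvr",
    28017: "legacy HTTP status interface",
}


def parse_port_spec(spec):
    """Parse '1-1024, 8080' into sorted inclusive (low, high) ranges."""
    ranges = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue
        low, sep, high = item.partition("-")
        lo = int(low)                      # ValueError on non-numeric input
        hi = int(high) if sep else lo
        if not (1 <= lo <= hi <= 65535):
            raise ValueError(f"invalid port entry: {item!r}")
        ranges.append((lo, hi))
    return sorted(ranges)


def missing_mongodb_ports(spec):
    """Return the MongoDB default ports that the port list does not cover."""
    ranges = parse_port_spec(spec)
    return [p for p in sorted(MONGODB_DEFAULT_PORTS)
            if not any(lo <= p <= hi for lo, hi in ranges)]


def extended_spec(spec):
    """Return a normalised port list with the missing MongoDB ports appended."""
    parts = [str(lo) if lo == hi else f"{lo}-{hi}"
             for lo, hi in parse_port_spec(spec)]
    parts += [str(p) for p in missing_mongodb_ports(spec)]
    return ",".join(parts)


if __name__ == "__main__":
    # Constructed sample port list, not the actual standard scan list.
    sample = "1-1024,1433,3306,3389,8080,27017"
    for port in missing_mongodb_ports(sample):
        print(f"not scanned: {port} ({MONGODB_DEFAULT_PORTS[port]})")
    print("suggested list:", extended_spec(sample))
```

As the post notes, a covered port list still only finds instances left on their default ports.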
