消息来自:https://medium.com/%40SergiuSe ... 4af48
因为这个网址不存在,所以搬过来大家一起看看,请自查自家服务器是不是快乐的在裸奔,嘿,要管管了啊。
试试:
https://www.zoomeye.org/search ... Dhost
https://www.shodan.io/search?query=kibana
Over 5,000 Kibana instances exposed on the internet
I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded.
The query syntax that I used was the following: kibana port:”5601".
Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about).
Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html
去年的大规模勒索事件,大家应该还记得吧,什么,ES你也裸奔着,你。。。
因为这个网址不存在,所以搬过来大家一起看看,请自查自家服务器是不是快乐的在裸奔,嘿,要管管了啊。
试试:
https://www.zoomeye.org/search ... Dhost
https://www.shodan.io/search?query=kibana
Over 5,000 Kibana instances exposed on the internet
I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded.
The query syntax that I used was the following: kibana port:”5601".
Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about).
Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html
去年的大规模勒索事件,大家应该还记得吧,什么,ES你也裸奔着,你。。。
[尊重社区原创,转载请保留或注明出处]
本文地址:http://elasticsearch.cn/article/206
本文地址:http://elasticsearch.cn/article/206