超过5千以上的Kibana实例裸奔在互联网上,国内第二!

作者: medcl   发布时间:2017-08-02
消息来自:https://medium.com/%40SergiuSe ... 4af48
因为这个网址不存在,所以搬过来大家一起看看,请自查自家服务器是不是快乐的在裸奔,嘿,要管管了啊。
试试:
https://www.zoomeye.org/search ... Dhost 
https://www.shodan.io/search?query=kibana​ 
 

Over 5,000 Kibana instances exposed on the internet

I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded.

The query syntax that I used was the following: kibana port:”5601".

1-Hq_v5wzUz4DVDWfDDKM1_w.png

 
Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about).

Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html

1-ZhLEr1uzB5du22GM1cZ8PA.png

 
去年的大规模勒索事件,大家应该还记得吧,什么,ES你也裸奔着,你。。。
 

2 个评论

然后阿里占一半?
Youbent

Youbent 回复 lbx6z

应该是大家都用阿里的服务器吧

要回复文章请先登录注册