Meow
#ElasticSearch, one of the database engines targeted by the #MeowDbAttack, has long had ZARRO authentication and security features in its free version.
(Security was added in only release 6.8, in May 2019, the database itself was released in 2010 https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.0.html)
Instructions on securing the databse which remains unsecured by default are dated Februarry 2020:
https://www.elastic.co/blog/how-to-prevent-elasticsearch-server-breach-securing-elasticsearch
ElasticSearch is "trusted, used, and loved by" #Bayer, #Adobe, #Lenovo, #WalMart, and #Kroeger (https://www.elastic.co/elasticsearch/) and is the featured search utility on #AmazonAWS (https://aws.amazon.com/elasticsearch-service/)
The (strongly justified IMO) attack has removed nearly 4,000 unsecured databases since July 22:
One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.
https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/
I'd really like to hear from #ElasticNV or founder/CEO #ShayBanon. For now, crickets:
https://twitter.com/kimchy
https://twitter.com/elastic
HN: https://news.ycombinator.com/item?id=23957510
SO: https://stackoverflow.com/questions/63067062/elastic-search-indexes-gets-deleted-frequently
Vendor, service, client, and deployment bullshit like this is a major cause of my frustrations (and worse) with the IT industry.
Other targets include #MongoDB #Cassandra #CouchDB #Redis #Hadoop #Jenkins, and unsecured network-attached storage devices (NAS).
Hats off to Meow's authors.
#sysadmin #dbadmin #netadmin #devops #infosec #schadenfreude
