{"id":17999,"date":"2021-06-29T22:54:20","date_gmt":"2021-06-29T20:54:20","guid":{"rendered":"https:\/\/tuxproject.de\/blog\/?p=17999"},"modified":"2021-06-29T22:54:20","modified_gmt":"2021-06-29T20:54:20","slug":"scheunentor-ueberraschend-durchschossen","status":"publish","type":"post","link":"https:\/\/tuxproject.de\/blog\/2021\/06\/scheunentor-ueberraschend-durchschossen\/","title":{"rendered":"Scheunentor \u00fcberraschend durchschossen"},"content":{"rendered":"

Was passiert, wenn man eine Daten\u00adbank ohne Pass\u00adwortschutz offen im Inter\u00adnet zur Ver\u00adf\u00fc\u00adgung stellt?<\/p>\n

Nun, jemand wird sie find\u00aden und benutzen:<\/a><\/p>\n

When I con\u00adtainer\u00adized Mon\u00adgoDB, Dock\u00ader help\u00adful\u00adly insert\u00aded an allow rule into ipt\u00ada\u00adbles, open\u00ading up Mon\u00adgoDB to the world.<\/p><\/blockquote>\n

    \n
  1. Man h\u00e4ngt eine ungesch\u00fctzte Daten\u00adbank<\/li>\n
  2. in einem \u201cCon\u00adtain\u00ader\u201d (d.h. in ein\u00ader black box<\/em> ohne direk\u00adten Pro\u00adtokol\u00adlzu\u00adgang)<\/li>\n
  3. offen ins Inter\u00adnet und schreibt dann, dass<\/li>\n
  4. \u201cHack\u00ader\u201d frecher\u00adweise diese M\u00f6glichkeit genutzt haben.<\/li>\n<\/ol>\n

    Immer\u00adhin habe aber das Ein\u00adspie\u00adlen ein\u00ader Sicherungskopie nur vier\u00addreivier\u00adtel Stun\u00adden<\/em> gedauert. <\/p>\n

    Ob das Web wohl wieder bess\u00ader<\/em> w\u00e4re, wenn es schwieriger<\/em> w\u00e4re, einen Serv\u00ader zu betreiben?<\/p>\n","protected":false},"excerpt":{"rendered":"

    Was passiert, wenn man eine Daten\u00adbank ohne Pass\u00adwortschutz offen im Inter\u00adnet zur Ver\u00adf\u00fc\u00adgung stellt? Nun, jemand wird sie find\u00aden und benutzen: When I con\u00adtainer\u00adized Mon\u00adgoDB, Dock\u00ader help\u00adful\u00adly insert\u00aded an allow rule into ipt\u00ada\u00adbles, open\u00ading up Mon\u00adgoDB to the world. Man h\u00e4ngt eine ungesch\u00fctzte Daten\u00adbank in einem \u201cCon\u00adtain\u00ader\u201d (d.h. in ein\u00ader black box ohne direk\u00adten Pro\u00adtokol\u00adlzu\u00adgang) \u2026<\/p>\n

    \u2018Sche\u00adunen\u00adtor \u00fcber\u00adraschend durch\u00adschossen\u2019 weit\u00ader\u00adlesen \u00bb<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[19],"tags":[],"series":[],"class_list":["post-17999","post","type-post","status-publish","format-standard","hentry","category-nerdkrams"],"share_on_mastodon":{"url":"","error":""},"wp-worthy-pixel":{"ignored":false,"public":null,"server":null,"url":null},"wp-worthy-type":"normal","_links":{"self":[{"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/posts\/17999","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/comments?post=17999"}],"version-history":[{"count":0,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/posts\/17999\/revisions"}],"wp:attachment":[{"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/media?parent=17999"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/categories?post=17999"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/tags?post=17999"},{"taxonomy":"series","embeddable":true,"href":"https:\/\/tuxproject.de\/blog\/wp-json\/wp\/v2\/series?post=17999"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}