To reduce the chances of attack, we'd want to reduce the surface area of the attack.

Surface Dimensions

  • Network
  • Storage
  • Access

So to reduce the surface area here, we would want to tell Mongo to only use specific host addresses to listen on. Remember how to do that? The setting is bindIp in the configuration file. If your computer has multiple IP addresses you should restrict Mongo to only listen on the minimum necessary.

Reduce surface, reduce number of doors.

BindIp takes a list of addresses.

results matching ""

    No results matching ""