I'm often asked "How should I setup my security for Cassandra?" My answer is simple "Do not expose them to the outside world! If using AWS, setup your VPC and block any IP address that's not in your range and restrict what machines can access them."
On Fri, Jan 20, 2017 at 12:29 PM, Jonathan Ellis <jbel...@gmail.com> wrote: > MongoDB has been in the news for hackers deleting unsecured databases and > demanding money to return the data. > > Now copycats are starting to look at other targets too like the thousands > of unsecured Cassandra databases. > > Preventing this is very simple: don't allow Cassandra to listen on public > interfaces. > > Of course additional security measures are useful as defense in depth, but > bottom line if the bad guys can't connect to your cluster they can't harm > it. > > -- > Jonathan Ellis > co-founder, http://www.datastax.com > @spyced > -- -Richard L. Burton III @rburton
