"Leaky etcd servers could be a boon to data thieves and ransomware scammers."
etcd is described as "A distributed, reliable key-value store for the most critical data of a distributed system.".
Thousands of servers operated by businesses and other organizations are openly sharing credentials that may allow anyone on the Internet to log in and read or modify potentially sensitive data stored online.
In a blog post published late last week, researcher Giovanni Collazo said a quick query on the Shodan search engine returned almost 2,300 Internet-exposed servers running etcd, a type of database that computing clusters and other types of networks use to store and distribute passwords and configuration settings needed by various servers and applications. etcd comes with a programming interface that responds to simple queries that by default return administrative login credentials without first requiring authentication. The passwords, encryption keys, and other forms of credentials are used to access MySQL and PostgreSQL databases, content management systems, and other types of production servers.
Maybe it's just me, but if the phrases "store for the most critical data of a distributed system" and "Internet facing" both occur in your description of a node of your architecture, you're probably doing it wrong.
(Score: 0) by Anonymous Coward on Sunday March 25 2018, @07:35PM
Oh yeah? Here, hold my beer ...