Folks,
thanks for the replies. We do use VPCs in AWS and the ZK ports are only
open to the solr machines (also in the same VPC). We're using Solr 8.3 and
ZK 3.5.6
We will investigate the Kerberos authentication.
thanks
Reinaldo
On Tue, Jul 28, 2020 at 6:03 PM Jörn Franke wrote:
> In Addition wh
In Addition what has been said before (use private networks/firewall rules) -
activate Kerberos authentication so that only Solr hosts can write to Zk (the
Solr client needs no write access) and use encryption where possible.
Upgrade Solr to the latest version, use ssl , enable Kerberos, have cl
so, your zookeeper/solr servers have public facing addresses/ports?
On Tue, Jul 28, 2020 at 4:41 PM Odysci wrote:
> Folks,
>
> I suspect one of our Zookeeper installations on AWS was subject to a Meow
> attack (
>
> https://arstechnica.com/information-technology/2020/07/more-than-1000-database
On Tue, Jul 28, 2020 at 4:39 PM Odysci wrote:
>
> Folks,
>
> I suspect one of our Zookeeper installations on AWS was subject to a Meow
> attack (
> https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/
> )
>
> Basically, the configu
