Folks, I suspect one of our Zookeeper installations on AWS was subject to a Meow attack ( https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/ )
Basically, the configuration for one of our collections disappeared from the Zookeeper tree (when looking at the Solr interface), and it left several files ending in "-meow" Before I realized it, I stopped and restarted the ZK and Solr machines (as part of ubuntu updates), and when ZK didn't find the configuration for a collection, it deleted the collection from Solr. At least that's what I suspect happened. Fortunately it affected a very small index and we had backups. But it is very worrisome. Has anyone had any problems with this? Is there any type of log that I can check to sort out how this happened? The ZK log complained that the configs for the collection were not there, but that's about it. and, is there a better way to protect against such attacks? Thanks Reinaldo
