Details

Changing the port used by MongoDB makes it harder for attackers to find the database and target it.

Rationale:

Standard ports are used in automated attacks and by attackers to verify which applications are running on a server.

Solution

Change the port for MongoDB server to a number other than 27017.
Impact:
Hackers frequently scan IP addresses for commonly used ports, so it’s not uncommon to use a different port to “fly under the radar”. This is just to avoid detection, other than that there is no added safety by using a different port.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1705

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-6b.
• CSCv6|9

Source

• Tenable.com/audits