Skip to content

Latest commit

 

History

History
143 lines (128 loc) · 10.2 KB

mitigations.md

File metadata and controls

143 lines (128 loc) · 10.2 KB

Mitigation Strategies Analysis for mongodb/mongo

Mitigation Strategy: Enable Authentication

  • Description:
    1. Access MongoDB Configuration File: Locate the MongoDB configuration file, typically named mongod.conf.
    2. Edit Configuration: Open the mongod.conf file with a text editor.
    3. Enable Authorization: Find or add the security section. Within, add or modify authorization: enabled.
    4. Save Configuration: Save changes to mongod.conf.
    5. Restart MongoDB Server: Restart the MongoDB server (mongod).
    6. Create Administrative User: Connect to MongoDB shell without auth initially. Create an admin user with userAdminAnyDatabase role using db.createUser().
  • List of Threats Mitigated:
    • Unauthorized Access (High Severity): Prevents anonymous database access.
    • Data Breach (High Severity): Reduces risk by requiring credentials for access.
    • Data Manipulation (High Severity): Prevents unauthorized data modification.
  • Impact:
    • Unauthorized Access: High Risk Reduction
    • Data Breach: High Risk Reduction
    • Data Manipulation: High Risk Reduction
  • Currently Implemented: Yes, on production and staging MongoDB instances.
  • Missing Implementation: N/A - Implemented across all environments.

Mitigation Strategy: Implement Role-Based Access Control (RBAC)

  • Description:
    1. Identify Required Permissions: Determine minimum permissions for each application component/user role.
    2. Define Custom Roles (If Needed): Create custom roles using db.createRole() in mongo shell if built-in roles are insufficient. Specify precise permissions.
    3. Assign Roles to Users: Create dedicated MongoDB users using db.createUser() or db.updateUser(). Assign restrictive roles, avoiding overly permissive roles.
    4. Test Permissions: Verify assigned roles ensure users can perform tasks and are restricted from unauthorized actions.
    5. Regularly Review and Adjust Roles: Periodically review and adjust roles as application evolves, maintaining least privilege.
  • List of Threats Mitigated:
    • Privilege Escalation (High Severity): Prevents unauthorized access to more data/operations.
    • Data Breach (Medium Severity): Limits breach scope if component is compromised.
    • Insider Threats (Medium Severity): Reduces damage from malicious insiders.
  • Impact:
    • Privilege Escalation: High Risk Reduction
    • Data Breach: Medium Risk Reduction
    • Insider Threats: Medium Risk Reduction
  • Currently Implemented: Partially implemented. Basic roles used, custom roles not fully defined.
  • Missing Implementation: Refine roles with custom roles for granular control. Implement regular role review process.

Mitigation Strategy: Strong Password Policies and Management

  • Description:
    1. Enforce Password Complexity: Use strong, complex passwords when creating/updating users with db.createUser()/db.updateUser().
    2. Discourage Default Passwords: Avoid default/guessable passwords. Use strong temporary passwords initially, require change on first login.
    3. Password Rotation Policy: Implement regular password rotation, especially for admin accounts (e.g., every 90 days).
    4. Secure Password Storage (Internal Documentation): Document secure practices for managing MongoDB credentials within teams. Avoid plain text storage. Consider password managers/secrets management.
  • List of Threats Mitigated:
    • Brute-Force Attacks (High Severity): Harder to guess passwords via brute-force.
    • Dictionary Attacks (High Severity): Reduces effectiveness of dictionary attacks.
    • Credential Stuffing (Medium Severity): Less likely compromised credentials from elsewhere will work.
  • Impact:
    • Brute-Force Attacks: High Risk Reduction
    • Dictionary Attacks: High Risk Reduction
    • Credential Stuffing: Medium Risk Reduction
  • Currently Implemented: Partially implemented. Strong passwords encouraged, formal rotation policy missing.
  • Missing Implementation: Formalize password policy, implement rotation schedule, consider secrets management integration.

Mitigation Strategy: Bind MongoDB to Specific Interfaces

  • Description:
    1. Access MongoDB Configuration File: Locate mongod.conf.
    2. Edit Configuration: Open mongod.conf with text editor.
    3. Configure bindIp: Find/add net section. Locate/add bindIp setting.
    4. Specify Interface(s): Set bindIp to specific interface IPs.
      • Loopback: bindIp: 127.0.0.1 (local access only).
      • Private Network: bindIp: <private_ip_address> (private network access).
    5. Comment out bindIpAll: Remove/comment out bindIpAll: true if present.
    6. Save Configuration: Save changes to mongod.conf.
    7. Restart MongoDB Server: Restart mongod service.
    8. Verify Binding: Use netstat or ss to confirm binding to specified interfaces.
  • List of Threats Mitigated:
    • Unauthorized Network Access (High Severity): Prevents external network connections.
    • Remote Exploitation (Medium Severity): Reduces attack surface by limiting accessibility.
  • Impact:
    • Unauthorized Network Access: High Risk Reduction
    • Remote Exploitation: Medium Risk Reduction
  • Currently Implemented: Yes, on production and staging. Bound to private network interface.
  • Missing Implementation: N/A - Implemented across all environments.

Mitigation Strategy: Enable TLS/SSL Encryption for Connections

  • Description:
    1. Obtain TLS/SSL Certificates: Get TLS/SSL certificates (CA-signed recommended for production).
    2. Configure MongoDB Server for TLS/SSL:
      • Access mongod.conf: Open mongod.conf.
      • Configure TLS Section: Add/modify net.tls section.
      • Specify Certificate/Key Files: Set net.tls.certificateKeyFile to certificate and key file paths (PEM).
      • Enable TLS: Set net.tls.mode to requireTLS (enforce TLS) or preferTLS (prefer TLS, allow non-TLS).
    3. Configure MongoDB Driver for TLS/SSL:
      • Connection String Options: Modify connection string to enable TLS (e.g., tls=true).
      • Driver-Specific TLS Options: Consult driver docs for TLS configuration details.
    4. Restart MongoDB Server: Restart mongod after server-side TLS config.
    5. Test TLS Connections: Verify application connects via TLS/SSL. Confirm encrypted connections using network tools/driver logs.
  • List of Threats Mitigated:
    • Eavesdropping (High Severity): Prevents interception of data in transit.
    • Man-in-the-Middle Attacks (Medium Severity): Reduces risk of MITM attacks.
  • Impact:
    • Eavesdropping: High Risk Reduction
    • Man-in-the-Middle Attacks: Medium Risk Reduction
  • Currently Implemented: Yes, on production and staging. TLS/SSL enabled for all connections.
  • Missing Implementation: N/A - Implemented across all environments.

Mitigation Strategy: Resource Limits and Connection Limits

  • Description:
    1. Access MongoDB Configuration File: Locate mongod.conf.
    2. Edit Configuration: Open mongod.conf.
    3. Set Connection Limits: Configure net.maxIncomingConnections to limit concurrent connections.
    4. Set Resource Limits (OS Level - if needed): Use OS-level tools (e.g., ulimit on Linux) to limit resources like memory and file handles for the mongod process.
    5. Save Configuration: Save changes to mongod.conf.
    6. Restart MongoDB Server: Restart mongod service.
    7. Monitor Resource Usage: Monitor MongoDB resource consumption after implementing limits.
  • List of Threats Mitigated:
    • Denial of Service (DoS) (Medium Severity): Prevents resource exhaustion DoS attacks.
    • Performance Degradation (Medium Severity): Limits impact of resource-intensive operations.
  • Impact:
    • Denial of Service (DoS): Medium Risk Reduction
    • Performance Degradation: Medium Risk Reduction
  • Currently Implemented: Partially implemented. Connection limits are set, OS-level resource limits not fully configured.
  • Missing Implementation: Review and configure OS-level resource limits for mongod process for enhanced resource control.

Mitigation Strategy: Query Optimization and Indexing

  • Description:
    1. Identify Slow Queries: Use MongoDB profiling tools (profiler, db.setProfilingLevel(), db.system.profile) to find slow queries.
    2. Analyze Query Execution Plans: Use explain() on queries to analyze execution plans, identify inefficiencies (collection scans).
    3. Create Indexes: Create indexes using db.collection.createIndex() for frequently used query fields (filters, sorts, aggregation).
    4. Optimize Query Structure: Refactor slow queries:
      • Use covered queries (index contains all data).
      • Use limit() and skip() for result set control.
      • Optimize aggregation pipelines.
    5. Regular Performance Monitoring: Continuously monitor query performance, address regressions and new slow queries.
  • List of Threats Mitigated:
    • Denial of Service (DoS) (Medium Severity): Prevents slow queries from causing DoS.
    • Performance Degradation (Medium Severity): Maintains application performance.
  • Impact:
    • Denial of Service (DoS): Medium Risk Reduction
    • Performance Degradation: High Risk Reduction
  • Currently Implemented: Partially implemented. Indexes for common queries exist, ongoing optimization lacking.
  • Missing Implementation: Implement regular query performance analysis, optimization process, performance monitoring dashboards/alerts.