6.2 Ensure that MongoDB uses a non-default port

Information

Changing the port used by MongoDB makes it harder for attackers to find the database and target it.

Rationale:

Standard ports are used in automated attacks and by attackers to verify which applications are running on a server.

Solution

Change the port for MongoDB server to a number other than 27017.

Impact:

Hackers frequently scan IP addresses for commonly used ports, so it's not uncommon to use a different port to 'fly under the radar'. This is just to avoid detection, other than that there is no added safety by using a different port.

See Also

https://workbench.cisecurity.org/files/1705

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|9

Plugin: Windows

Control ID: 7882b86cad9f57dfa53f8c8c9cdfd100adf1216710ac7bde4e31e4f5c4c6b229