6.1 Ensure that MongoDB uses a non-default port

Information

Changing the default port used by MongoDB makes it harder for attackers to find the database and target it.

Rationale:

Standard ports are used in automated attacks and by attackers to verify which applications are running on a server.

Impact:

Hackers frequently scan IP addresses for commonly used ports, so it's not uncommon to use a different port to 'fly under the radar'. This is just to avoid detection, other than that there is no added safety by using a different port.

Solution

Change the port for MongoDB server to a number other than 27017.
In mongod.conf edit the below lines

# network interfaces
net:
port: $Orginasation Defined port
bindIp: $Orginasation Defined IP

See Also

https://workbench.cisecurity.org/benchmarks/15135

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv7|9.2

Plugin: Unix

Control ID: 9587b61099bf1dca751d64b45ec4be579507f1adce5f3b5913d38c324354b94c