MongoDB Syntax

The audit syntax for this plugin is as follows:

<custom_item>
  description: "MongoDB - single_user_in_any_database"
  mongo_function: "single_user_in_any_database"
  known_good: "no single-user databases"
</custom_item>

<custom_item>
  description: "MongoDB - matching_hashes"
  mongo_function: "matching_hashes"
  known_good: "no matching hashes"
</custom_item>

<custom_item>
  description: "MongoDB - user_can_eval"
  mongo_function: "user_can_eval"
  known_good: "no user can run eval commands"
</custom_item>

A MongoDB audit can also support custom checks:

<custom_item>
  description: "Require Authentication - DB Users - 'User authenticated by MONGODB-CR'"
  collection: "admin.system.users"
  query: '{"credentials.MONGODB-CR": {"$exists": 1}}'
  fieldsSelector: '{"_id": 0, "user" : 1}'
  regex: "user"
</custom_item>
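
The custom check above, read as a MongoDB find() with `query` as the filter and `fieldsSelector` as the projection, can be emulated offline to see which accounts it reports. This is an added example, not Tenable's code: the sample users and helper names are constructed, and both the find() mapping and the way `regex` is applied to the returned text are assumptions.

```javascript
// Constructed sample of admin.system.users documents (not from a real server).
const sampleUsers = [
  { _id: "admin.alice", user: "alice", db: "admin",
    credentials: { "MONGODB-CR": "<constructed>" } },
  { _id: "admin.bob", user: "bob", db: "admin",
    credentials: { "SCRAM-SHA-1": { iterationCount: 10000 } } },
  { _id: "app.carol", user: "carol", db: "app",
    credentials: { "MONGODB-CR": "<constructed>", "SCRAM-SHA-1": { iterationCount: 10000 } } },
];

// Values copied from the custom_item above.
const query = JSON.parse('{"credentials.MONGODB-CR": {"$exists": 1}}');
const fieldsSelector = JSON.parse('{"_id": 0, "user" : 1}');
const regex = /user/;

// True when every segment of a dotted path is present in the document.
function pathExists(doc, path) {
  let cur = doc;
  for (const key of path.split(".")) {
    if (cur === null || typeof cur !== "object" || !(key in cur)) return false;
    cur = cur[key];
  }
  return true;
}

// Filter emulation: handles only the $exists operator this check uses.
function matches(doc, filter) {
  return Object.entries(filter).every(
    ([path, cond]) => pathExists(doc, path) === Boolean(cond.$exists));
}

// Inclusion projection on top-level fields; _id is returned unless set to 0.
function project(doc, selector) {
  const out = {};
  if (selector._id !== 0 && "_id" in doc) out._id = doc._id;
  for (const [field, flag] of Object.entries(selector)) {
    if (field !== "_id" && flag && field in doc) out[field] = doc[field];
  }
  return out;
}

// Accounts that still carry a MONGODB-CR credential, as the check would list them.
const runCheck = (users) =>
  users.filter((u) => matches(u, query)).map((u) => project(u, fieldsSelector));

// Assumption: regex is matched against the text of each returned document.
const regexHits = (results) => results.filter((r) => regex.test(JSON.stringify(r)));

console.log(runCheck(sampleUsers));
```

Accounts that hold only a SCRAM-SHA-1 credential (bob in the constructed sample) are not returned, so an empty result means no user document still carries a MONGODB-CR credential.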

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.