4

I just realized that I have been connecting (sending user name and password) to my production MongoDB database for several weeks using MongoChef (a database GUI) without the SSL option enabled. I recently switched to MongoChef from a different GUI, and totally forgot to enable SSL.

I'm reasonably confident that no one on my local network was sniffing (all people I trust). I'm mostly worried about someone, somewhere on one of the ISP devices in between me and the database was listening and collecting data that could be valuable.

I'm wondering if there is any way to quantify the risk? And is there any way anyone can think of for me to determine if I have been compromised. If it makes any difference, the datacenter I was connecting to is in a neighboring region of the country.

Thanks

cTylk
  • 43
  • 3
  • 2
    What data is in the database? Cat photos or nuclear launch codes? – paj28 Oct 12 '16 at 08:12
  • 4
    Change the password and check for incorrect logins? Did you enable logs? – pee2pee Oct 12 '16 at 08:49
  • 4
    Why would you ponder whether it was compromised or not when the obvious right thing to do is "enable TLS; change password; yesterday"? – Bruno Rohée Oct 12 '16 at 09:02
  • How many other places are you using the same password? Do any of those places store nuclear launch codes? The point is, if you also have access to something, anywhere else, of high value (even if you don't re-use passwords), then people are more likely to target you, e.g. harvest this password hoping it will lead to other access. – Johan Oct 12 '16 at 14:39
  • Given how Internet traffic can be routed, the fact that you and the target server are located in the same country does not necessarily mean anything at all if your threat model includes passive (pervasive or not) monitoring. – user Oct 14 '16 at 09:29
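One concrete way to act on the comments above (change the password, then check the server's log for logins you did not make), as an added example that is not from the original post or any of its answers: the script below correlates MongoDB authentication events with the client address of the connection they arrived on and flags successful logins from addresses you do not recognise. The log lines are constructed here in the MongoDB 3.x plain-text style (4.4+ writes JSON and needs a different parser); the user name `appuser`, the database `prod`, and the idea that `198.51.100.23` is your usual address are assumptions for the example, not facts from the question.

```python
import re
from collections import Counter

# Constructed sample in the MongoDB 3.x plain-text log style (not a real log;
# the exact wording of these messages varies between server versions, and
# 4.4+ emits JSON instead). Two client addresses appear: 198.51.100.23 is
# assumed to be the address the DBA normally connects from, 203.0.113.77 is not.
SAMPLE_LOG = """\
2016-10-10T21:03:11.412+0000 I NETWORK  [initandlisten] connection accepted from 198.51.100.23:50122 #12 (1 connection now open)
2016-10-10T21:03:11.598+0000 I ACCESS   [conn12] Successfully authenticated as principal appuser on prod
2016-10-11T02:17:40.005+0000 I NETWORK  [initandlisten] connection accepted from 203.0.113.77:41876 #13 (2 connections now open)
2016-10-11T02:17:40.220+0000 I ACCESS   [conn13] SCRAM-SHA-1 authentication failed for appuser on prod from client 203.0.113.77:41876 ; AuthenticationFailed: SCRAM-SHA-1 authentication failed, storedKey mismatch
2016-10-11T02:17:52.901+0000 I ACCESS   [conn13] Successfully authenticated as principal appuser on prod
2016-10-11T02:18:01.114+0000 I NETWORK  [conn13] end connection 203.0.113.77:41876 (1 connection now open)
2016-10-12T08:00:03.330+0000 I NETWORK  [initandlisten] connection accepted from 198.51.100.23:50190 #14 (2 connections now open)
2016-10-12T08:00:03.500+0000 I ACCESS   [conn14] Successfully authenticated as principal appuser on prod
"""

# The "connection accepted" line carries the client address and the connection
# number; later ACCESS lines only carry the number, so the two are joined by it.
CONN_RE = re.compile(r"connection accepted from (?P<addr>\S+):\d+ #(?P<conn>\d+)")
AUTH_OK_RE = re.compile(r"\[conn(?P<conn>\d+)\] Successfully authenticated as principal (?P<user>\S+) on (?P<db>\S+)")
AUTH_FAIL_RE = re.compile(r"\[conn(?P<conn>\d+)\] .*?authentication failed for (?P<user>\S+) on (?P<db>\S+)")


def audit_auth_events(log_text, expected_addrs):
    """Correlate authentication events with the client address of their connection.

    Returns a dict with:
      successes        - every successful login (ts, conn, user, db, addr)
      failures         - every failed login, same fields
      suspicious       - successes from an address not in expected_addrs
      failures_by_addr - Counter of failed logins per client address
    """
    conn_addr = {}            # connection number -> client address
    successes, failures = [], []
    for line in log_text.splitlines():
        ts = line.split(" ", 1)[0]
        m = CONN_RE.search(line)
        if m:
            conn_addr[m["conn"]] = m["addr"]
            continue
        for regex, bucket in ((AUTH_OK_RE, successes), (AUTH_FAIL_RE, failures)):
            m = regex.search(line)
            if m:
                bucket.append({
                    "ts": ts,
                    "conn": m["conn"],
                    "user": m["user"],
                    "db": m["db"],
                    # "unknown" if the log was rotated after the connection opened
                    "addr": conn_addr.get(m["conn"], "unknown"),
                })
                break
    suspicious = [e for e in successes if e["addr"] not in expected_addrs]
    return {
        "successes": successes,
        "failures": failures,
        "suspicious": suspicious,
        "failures_by_addr": Counter(e["addr"] for e in failures),
    }


if __name__ == "__main__":
    report = audit_auth_events(SAMPLE_LOG, {"198.51.100.23"})
    for e in report["suspicious"]:
        print(f"{e['ts']} {e['user']}@{e['db']} logged in from unexpected "
              f"address {e['addr']} (conn{e['conn']})")
    print("failed logins per address:", dict(report["failures_by_addr"]))
```

Run it over the live log plus all rotated copies covering the weeks in question (the connection-accepted line may sit in an older file than the login it explains; anything reported as `unknown` needs a manual look). A clean result is not proof of safety: it only shows nobody used the stolen credential against this server while logging was on, which is why the password still gets changed first.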

3 Answers

4

I don't think anyone is able to ultimately quantify the risk. Usually security people are trained to take a systematic approach here which will help you classify the issue:

  1. Asset Value Estimation => as someone said above: what is in your DB? Cat photos or nuclear launch codes?
  2. Threat Modeling => who could be interested in the data and what could they do with it? Would it be of significant monetary value to someone?
  3. Technical Assessment => How probable is it that someone has compromised an ISP device and can sniff your data (this is probably what you are asking for, but in order to quantify your personal risk you need to take into account 1 and 2. The NSA can possibly compromise those devices but they'll just ignore your data if we're dealing with cat photos). I think it is pretty hard to compromise an internet router. Requires a lot of knowledge, criminal energy and probably money.
  4. Are there ways to mitigate the risk => Yes, obviously. Change the password. If you use it on other sites, change it there as well.
kaidentity
  • 2,634
  • 13
  • 30
  • 2
    Better yet, if you have reused the password, change it to a unique password in those other places. – user Oct 12 '16 at 12:30
2

It is absolutely impossible to give you a number here, and it's not important either. What you need to do is enable TLS and change the password, as well as change the password anywhere you've reused the same password, of course.

Tobias
  • 204
  • 1
  • 5
0
  • Internet routers are known to be compromised (there are studies about internet routers injecting ads into HTTP requests)
  • It's trivial to implement a parser that stores plaintext logins/passwords in transit

So you can't know for sure, but the safest way is to consider them compromised.

Tom
  • 2,063
  • 12
  • 19