
> None of the database guides I followed had warned me about the dangers of exposing a docker containerized database to the internet.

This is like IT security 101.

> A quick IP search revealed that it was registered with a Chinese ISP and located in the Russian Federation.

Welcome to the Internet. Follow me. Always block China and Russia from any of your services. You are never going to need them and the only thing that can come from them is either a remote attack or unauthorized data sent to them.



> Always block China and Russia from any of your services.

But does this add much security if bad actors are using VPNs?


They'd need to run a VPN with an endpoint in a less hostile country and so there's an element of enforcement on those endpoints.

At any rate, blocking China and Russia isn't ever presented as a foolproof defence, it just raises the barrier to attack.


They extensively use these VPNs, in NL. They can also use a Tor exit node.

Either way, nothing is foolproof. It is part of a solid defense in depth [1].

[1] https://en.m.wikipedia.org/wiki/Defense_in_depth_(computing)


Yes, but go further: Are you ever using your home server outside your own country? If the answer is no, block everything but your country. You can remove the vast majority of your attack surface by just understanding where you need to be exposed.


Yeah, the problem today is that there are many guides on MVPing software which don't tell you basic security.

The guy doesn't have a software background.

This is basically the problem with the 'everyone-should-code' approach - a little knowledge can be dangerous.


Blocking China and Russia adds no security. Attacks can come from anywhere. And when you start blocking IPs, you may accidentally block yourself.



