Sometimes it gets old hearing about all the hits, runs, and errors of information that was exposed because something was left unsecured.
I mean, how many S3 bucket stories have you read? Odds are you've lost count.
However, in this case there is a nugget of information that may help you protect your network.
Data was exposed on servers of the Maryland Joint Insurance Association (MJIA), including clients' Social Security numbers and also logins to a national insurance claims database used by insurance companies across the U.S.
But here's where the story in Threatpost becomes relevant. Researcher Chris Vickery of UpGuard found two specific ports that could provide him access to the network, and one of them was open.
"Vickery found the exposed data after scanning IP addresses for ones that had port 873 open and exposed to the public Internet, he said in an interview. Port 873 is the default port used for running the rsync protocol for replication and backup.
It wasn’t open on the MJIA’s systems, but he noticed that at the same IP address port 9000 was open. Port 9000 is often used as a web front end for NAS servers. Vickery found this was the case with the MJIA’s NAS server and was able to access the entire trove of data, he said. The port has since been closed."
This raises a kind of big picture question: Which of your organization's "digital doors" are propped open when they should be slammed shut?
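One way to answer that question for the two ports named in the quote is to check your own hosts for listeners on 873 and 9000 that are bound beyond loopback. The following is an added example, not from the Threatpost story or the researcher; the sample is constructed text in the column layout of `ss -tln`, and the function names are illustrative.

```python
import ipaddress

# Ports named in the article: rsync's default, and one often used by NAS web front ends.
WATCHED_PORTS = {873: "rsync", 9000: "NAS web front end"}

# Constructed sample in the column layout of `ss -tln` (not output from a real host).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       5       127.0.0.1:873        0.0.0.0:*
LISTEN  0       128     0.0.0.0:9000         0.0.0.0:*
LISTEN  0       5       [::]:873             [::]:*
LISTEN  0       128     192.168.1.20:8080    0.0.0.0:*
"""


def split_local(field):
    """Split a Local Address:Port field into (address, port)."""
    addr, _, port = field.rpartition(":")
    return addr.strip("[]"), int(port)


def is_loopback_only(addr):
    """True when the bind address is reachable only from the host itself."""
    if addr in ("*", ""):
        return False  # wildcard bind: every interface
    addr = addr.split("%")[0]  # drop an interface scope such as %eth0
    return ipaddress.ip_address(addr).is_loopback


def exposed_listeners(ss_text, watched=WATCHED_PORTS):
    """Return (address, port, label) for watched ports bound beyond loopback."""
    findings = []
    for line in ss_text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        addr, port = split_local(cols[3])
        if port in watched and not is_loopback_only(addr):
            findings.append((addr, port, watched[port]))
    return findings


if __name__ == "__main__":
    for addr, port, label in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"{addr}:{port} ({label}) is listening beyond loopback")
```

A listener bound to every interface is only the host-side half of the picture; whether it is reachable from the public Internet also depends on the firewall and NAT rules in front of it.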