dnswatchdog.io docs

Port 9042: Cassandra

Open Cassandra port detected on a publicly accessible host.

Severity: Critical | Port: 9042

What is Cassandra?

Apache Cassandra is a distributed NoSQL database designed for handling large amounts of data across many servers. It is used by organizations that need high availability and horizontal scalability — common in IoT, messaging, and time-series data applications. Port 9042 is the CQL (Cassandra Query Language) native transport port.

Why this is a problem

Cassandra does not enable authentication by default. An exposed port 9042 allows anyone to connect and run CQL queries — reading, modifying, or deleting data across the entire cluster. Even with authentication enabled, exposing the port increases the attack surface for brute-force attempts and exploitation of known vulnerabilities.

What you should do

  • Block port 9042 from the internet
  • Enable authentication and authorization in cassandra.yaml
  • Bind Cassandra to private network interfaces only
  • Use SSL/TLS for client-to-node and node-to-node communication
  • If remote access is needed, use a VPN or SSH tunnel
