Malcolm Corley · @mlc
0 followers · 66 posts · Server ruhr.social

The security team proposes, as a solution, enabling for Systems Manager.

VPC endpoints allow services to be connected via AWS. As a result, the service is reached not via its public IP address but via a private IP address from the VPC, which in turn ensures that only the Systems Manager service of one's own account is contacted.

docs.aws.amazon.com/systems-ma

#aws #vpc #endpoints #privatelink

Last updated 1 year ago

Generating COPC and Virtual Point Clouds based on the STAC specification from LAS with QGIS 3.32
qiita.com/nokonoko_1203/items/

#qiita #vpc #qgis #pointcloud #stac

Last updated 1 year ago

Erik Nygren :verified: · @nygren
492 followers · 507 posts · Server hachyderm.io

Product research question: if you use in a provider, what are your top use-cases? If you want to use IPv6 in a , what are the things you require that may not be obvious (eg, prefix-per-host, ULA, SLAAC/DHCPv6-PD/DHCPv6/CloudInit, some IPv4aaS function, etc)?

#ipv6 #cloud #vpc

Last updated 1 year ago

Renato Losio · @renato
93 followers · 41 posts · Server awscommunity.social

Amazon VPC Lattice Now GA with New Capabilities for Service-to-Service Connectivity
infoq.com/news/2023/04/aws-vpc

#aws #vpc #networking #security

Last updated 2 years ago

John Mulhall · @johmmlhll
4 followers · 181 posts · Server mastodon.ie

Yesterday saw me doing on Maolte Technical Solutions Limited's implemented in my starting with recommendations... stay tuned for updates...

#sysadmin #cloudarchitecture #aws #demo #project #securityhub #infrastructure #resource #cloudinfrastructure #cloud #s3 #vpc

Last updated 2 years ago

TSM at Work · @tsmatwork
11 followers · 105 posts · Server noc.social

Some days, the only thing you accomplish is fixing someone else’s .

#vpc

Last updated 2 years ago

Steve Gibson :cupofcoffee: · @steve
294 followers · 70 posts · Server mastohack.com

If you’re going to ship off your flow logs to a 3rd party vendor’s system (and not keep a local copy), for the love of Frejya, please actually confirm that the logs are there and queryable.

Threat actor in a client’s servers () moving data between servers in different VPCs. They had flow logs for the source VPC, but the second VPC was using Kinesis Data Firehose going to a third party, where the logs are…missing 🙄 Makes it difficult to see where the data went from there.

#vpc #aws #dfir

Last updated 2 years ago

Renato Losio · @renato
87 followers · 30 posts · Server awscommunity.social

AWS Adds VPC Resource Map to Simplify Management of Virtual Networks
infoq.com/news/2023/02/vpc-res

#aws #vpc #networking

Last updated 2 years ago

Chaser Systems · @ChaserSystems
6 followers · 19 posts · Server infosec.exchange

We ask about an oft overlooked policy that you should be putting in place when using in . Do NOT inadvertently allow access to other tenants' resources!

FOLLOW US as we explore cloud network security with .

#chatgpt #vpc #endpoints #aws #ai #awssecurity

Last updated 2 years ago

Dhruv AHUJA · @new23d
41 followers · 26 posts · Server infosec.exchange

While make it more obvious, I have always suspected that in are actually NAT instances behind the scenes simply translating network addresses. Reason being they take so long to spin up and shut down🤔

But why would anybody charge exorbitantly for just NAT😬

infosec.exchange/@ChaserSystem

#gcp #vpc #endpoints #aws

Last updated 2 years ago

TSM at Work · @tsmatwork
10 followers · 42 posts · Server noc.social

Maybe I can’t use the data synchronization agent because the two sides of our are designed not to talk to each other in that direction? Will get with vendor and peers soon to confirm theory.

#vpc

Last updated 2 years ago

Hendrik · @hendrik
19 followers · 41 posts · Server pourparlers.social

@verita84 @zbecker
Which one of both are you using? I first tried but decided then to give first a shot. As everything is still new to me I just wanted to start off mainstream.
Btw. I’m using to deploy the server there is a module which makes the setup really simple.
My 4 cpu 8 gb is spending most of its time idling at a load of 0.05. Resources seem not to be the limiting factor right now 😅
🔗 nixos.wiki/wiki/Mastodon

#pleroma #mastodon #nixos #vpc

Last updated 2 years ago

Michal 🇨🇿 · @michal
38 followers · 272 posts · Server vltava.cloud

@radio

What is best practice for setting up outbound rules of security groups inside of ?

Just security based on (un)routable paths between subnets?

#amazon #aws #vpc

Last updated 2 years ago

Paul Schoonhoven · @vosje62
433 followers · 2517 posts · Server mastodon.nl

@mbootsman yep... It pretends to be a VPN, but doesn't send anything to another server, if I understand correctly.
So a .. Or something.. 😇

#vpc

Last updated 2 years ago

Andy 'Bob' Brockhurst · @b3cft
62 followers · 90 posts · Server infosec.exchange

@dob That's a big scope.

Some things we do to make our lives easier and that don't cost $$$.

Enable and pipe all the alerts into a slack channel (+email as well).

Enable log everything to an bucket in another account. alerts on auth failures (to slack + email (some go to pagerduty contact)).
We also have some alerts on updates when a cidr is added to a .

Don't use or /#JumpHosts use to run automations on the hosts (package install, service restarts etc) also to get a shell on a box (if needed at all). (you can use with to give granular access).
Using for console access also logs the entire session (including someone doing sudo su - root etc!) into

Use within our . Instances behind an will only accept traffic from the etc.. , will only accept traffic from instances in the appropriate . (Basically we don't use cidr ingress rules, we use security group ids) (this works across accounts in the same region with peering, but not across regions however).

#guardduty #cloudtrail #s3 #cloudwatch #infosec #securitygroup #ssh #bastion #ssm #transitivetags #roleassumption #microsegmentation #vpc #alb #rds #elasticache #aws

Last updated 2 years ago

Tried to spin up a Debian vpc on vultr.com and getting an "Out of Stock" message. Not entirely sure how you can be "out of stock" of a digital asset.

Update: My bad, I hadn't selected a location.

#vpc #vultr #debian

Last updated 2 years ago

Paco Hope #BLM · @paco
299 followers · 592 posts · Server infosec.exchange

My battle against the SecurityHub "best practices" continues. This time it's "[EC2.21] Network ACLs should not allow ingress from 0.0.0.0/0". I don't USE NACLs. NACLs are stupid. They're a total waste of time and not the right way to do network security. If NACLs are an important part of your , you're doing it wrong.

docs.aws.amazon.com/securityhu

#aws #vpc #network #security

Last updated 3 years ago