1. How can a external entity establish connection to your server?
a. TLS | SSL usage for web requests.
b. usage of certificates for internal traffic
* Example ACM - Amazon Certificate Manager.
c. Connection to Remote Hosts from local machine.
- use SSH
- Two ways for SSH connection
1. Password
2. SSH Keys → more secure
- why? Checking SSH keys is more difficult. use self rotating keys to further enhance security.
- → Some goes for any credentials you use on your system.
2. Network firewall
- software or hardware
- It will help to control the traffic - traffic IN or traffic OUT
3. Abstraction out of Resources.
- External entity knows where abouts of only great facing proxy.
- not the hosts serving the request or any database you’re retrieving data from.
4. Resources Creation in VPC
- Not accessible directly from Public Internet
5. Networking Rules
- Any security group configurations. The Inbound and Outbound rules should be strict to allow the required traffic only.
6. Traffic Control
- Rate Limiting of requests per user | IP address.
- Confirm that you’re not a Robot - CAPTCHA
7. Continuous patching of applications.
8. Proper logging and monitoring
Reference
'Dev > Linux' 카테고리의 다른 글
[Linux] Crontab이 작동하지 않을 때 (0) | 2022.09.20 |
---|---|
[Linux] SSH connectivity Issues (0) | 2022.09.11 |
[Linux] Troubleshoot Slow Server (1) | 2022.09.09 |
[Linux] Kernel (0) | 2022.09.05 |
[Linux] Network commands - curl, wget (0) | 2022.08.25 |
댓글