Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Unauthorized access to AWS database

0

Some unauthorized person has been trying to login to login to my aws database in the past few months. In the log I can see Connection denied message with the username. He/she has been sending login requests at an extremely frequent rate. I believe this is the cause for some connection failures I'm experiencing between my application and the database. Can someone suggest me a solution for this?

Themen
Management & UnternehmensführungDatenbank
Tags
AWS Management ConsoleDatenbank
Sprache
English
SachinthaI
gefragt vor 9 Monaten181 Aufrufe
1 Antwort
0

Hello.

Am I correct in understanding that you are using RDS for the database?
Also, does RDS have public access enabled?
If public access is enabled, we recommend disabling it.
If you can identify the IP address of the access source, you can consider preventing it with security groups or network ACLs.
Also, although it is unclear whether this will directly resolve the issue, I think it would be a good idea to change the DB user name and password.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding

Also, if the unauthorized access is via a web application, you may want to consider using something like AWS WAF.
To use AWS WAF, you will need ALB and CloudFront, so please set them up if you want to use them.
https://docs.aws.amazon.com/waf/latest/developerguide/getting-started.html

profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor 9 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt