1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
AWS is aware of a recent publication from CERT/CC [1] related to HTTP/2 CONTINUATION frames, which can be used in a denial of service (DoS) attack. CloudFront, Application Load Balancer, and API Gateway are not affected by this issue.
Customers running their own web servers should use AWS Shield Advanced [2] and engage the Shield Response Team [3] to deploy mitigations in the event of a DoS attack.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
[1] https://www.kb.cert.org/vuls/id/421644
[2] https://docs.aws.amazon.com/waf/latest/developerguide/aws-shield-use-case.html
[3] https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-contacting.html
beantwortet vor einem Monat
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
Thanks for your answer! My main concern was about CloudFront, Application Load Balancer, and API Gateway :)