AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

VPN being used for malicious attacks

0

Hello!

I am a very novice customer and normally do not deal with VPN. However a couple of times now incidents have been identified where our team VPN has been used in probing/brute force attacks. For reference we allow BYoD and the VPN is used mainly for WorkDocs/Workmail access.

I have asked users to scan their devices for malicious soft to stop the attacks. However I need assistance with two issues: -how do I identify exactly which of my users' devices is the source of issue

  • is there a way to configure my VPN to prevent it from allowing similar brute force attacks from being carried out in the future?

Appreciate any assistance in advance.

トピック
ネットワークとコンテンツ配信セキュリティ、アイデンティティ、コンプライアンスAWS Well-Architected Framework
タグ
Amazon VPCセキュリティ、アイデンティティ、コンプライアンスネットワークとコンテンツ配信セキュリティ
言語
English
rePost-User-3462923
質問済み 1年前235ビュー
1回答
0

Not sure if you have tighten the firewall rules and security groups. To avoid it in future make sure you have open the required ports on firewall, along with security group.

you should check your LAN/office network too to make sure any malicious machine can not connect to network and should be quarantine immediately from rest of your network.

Check AWS best practice to avoid such incidents in future.

you might need to do some hard work.

Sachin
回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ