AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

How to regain use of server after intrusion.

0

I had an intrusion on my server ... a password was brute forced by some kid who proceeded to use the box to try to brute force other boxes.

I found and removed the script that was doing this, and secured the box ... but AWS has embargoed my server, leaving only the ssh port and one other open. This renders the system useless for doing my work.

I have no idea how to contact them to let them know what happened and hopefully regain my ability to use the system.

Please advise!

トピック
計算するAWS Well-Architected Framework
タグ
Amazon EC2セキュリティ
言語
English
Nobody For Governor
質問済み 1年前186ビュー
1回答
0

Are you trying to regain the SSH access? If yes, please follow the below methods mentioned in the link: https://aws.amazon.com/premiumsupport/knowledge-center/user-data-replace-key-pair-ec2/ I hope this will help!

profile pictureAWS
Rajjat Kumar
回答済み 1年前
  • Nobody For Governor
    1年前

    I have ssh access. They left port 22 up, and they left one other port in the 3 thousands open.

    But they are blocking https, http, and everything else. So my applet cannot talk to it's server, which it does over https.

    I made a snapshot and brought up another server, but it was completely unreachable, so I deleted it.

    There is no indication that they intend to allow me to access the resources that my organization is paying for ever again. I hope that i is not the case, but they have given me no clue as to how to contact them.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ