AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

VPN being used for malicious attacks

0

Hello!

I am a very novice customer and normally do not deal with VPN. However a couple of times now incidents have been identified where our team VPN has been used in probing/brute force attacks. For reference we allow BYoD and the VPN is used mainly for WorkDocs/Workmail access.

I have asked users to scan their devices for malicious soft to stop the attacks. However I need assistance with two issues: -how do I identify exactly which of my users' devices is the source of issue

  • is there a way to configure my VPN to prevent it from allowing similar brute force attacks from being carried out in the future?

Appreciate any assistance in advance.

주제
네트워킹 및 콘텐츠 전송보안, 신원 및 규정 준수AWS Well-Architected 프레임워크
태그
아마존 VPC보안, 신원 및 규정 준수네트워킹 및 콘텐츠 전송보안
언어
English
rePost-User-3462923
질문됨 일 년 전235회 조회
1개 답변
0

Not sure if you have tighten the firewall rules and security groups. To avoid it in future make sure you have open the required ports on firewall, along with security group.

you should check your LAN/office network too to make sure any malicious machine can not connect to network and should be quarantine immediately from rest of your network.

Check AWS best practice to avoid such incidents in future.

you might need to do some hard work.

Sachin
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠