1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
AWS is aware of a recent publication from CERT/CC [1] related to HTTP/2 CONTINUATION frames, which can be used in a denial of service (DoS) attack. CloudFront, Application Load Balancer, and API Gateway are not affected by this issue.
Customers running their own web servers should use AWS Shield Advanced [2] and engage the Shield Response Team [3] to deploy mitigations in the event of a DoS attack.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
[1] https://www.kb.cert.org/vuls/id/421644
[2] https://docs.aws.amazon.com/waf/latest/developerguide/aws-shield-use-case.html
[3] https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-contacting.html
답변함 한 달 전
관련 콘텐츠
- AWS 공식업데이트됨 일 년 전
Thanks for your answer! My main concern was about CloudFront, Application Load Balancer, and API Gateway :)