To answer your question, spoofing attacks can have multiple categories such as the ones mentioned below. If your use case is focussed on something more specific, then you can mention that.
- ARP Spoofing
When we consider a scenario within the VPC environment, AWS provides secure and private connectivity between EC2 instances of all types. Every packet flow on the network is individually authorized against a rule to validate the correct source and destination before it is transmitted and delivered.
You can go through this documentation for more insights regarding this. Sharing an excerpt from the doc.
Moreover, while address resolution protocol (ARP) packets trigger an authenticated database look-up, ARP packets never hit the network as they are not needed for discovery of the virtual network topology. This means ARP spoofing is highly improbable on the AWS network.
This Medium article also talks in detail about what I am referring to.
Moreover, you are using an Application Load Balancer. Because the load balancer is in a virtual private cloud (VPC), traffic between the load balancer and the targets is authenticated at the packet level, so it is not at risk of man-in-the-middle attacks or spoofing.
You can refer to our documentation on Load Balancer Target groups to get more information regarding this.
- Email spoofing
If you are using Amazon SES for Emails, SES adds DMARC verdicts to incoming emails, and publishes aggregate DMARC reports to domain owners. These two new features will help combat email spoofing and phishing. This documentation talks about the same.
- DNS spoofing:
If you are using Amazon Route 53 for your domain, you can protect your domain from DNS spoofing by configuring Domain Name System Security Extensions (DNSSEC), a protocol for securing DNS traffic.
For your use case, I would also like to recommend AWS WAF, which can work with your current architecture and offers advanced protection and mitigation against most Layer 7 attacks by inspecting the requests that are forwarded to your Application Load Balancer.
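The email-spoofing point above can be acted on in an SES receipt rule. The following is an added example, not part of the original answer or AWS's own code: a Lambda handler that reads the DMARC verdict SES attaches to an incoming message and stops rule processing for spoofed mail. The function names, the sample event and the choice of which verdicts to block on are assumptions of this example.

```python
# Added example: Lambda for an SES receipt rule. SES must invoke it
# synchronously (RequestResponse) for the returned disposition to apply.
# Field names follow the SES receipt notification format; the blocking
# policy below is an assumption of this example, not AWS guidance.

BLOCKING_POLICIES = {"reject", "quarantine"}


def classify(receipt):
    """Return (disposition, reason) for one SES receipt object."""
    def status(key):
        # A missing verdict is treated like a failed evaluation.
        return receipt.get(key, {}).get("status", "PROCESSING_FAILED")

    dmarc, spf, dkim = (status(k) for k in
                        ("dmarcVerdict", "spfVerdict", "dkimVerdict"))
    # dmarcPolicy is only present when the DMARC check failed.
    policy = (receipt.get("dmarcPolicy") or "none").lower()

    if dmarc == "FAIL" and policy in BLOCKING_POLICIES:
        # Later rule actions (for example S3 delivery) never run.
        return "STOP_RULE_SET", f"DMARC fail, sender policy p={policy}"
    if dmarc == "FAIL":
        return "CONTINUE", "DMARC fail but p=none: deliver and flag"
    if dmarc == "PASS":
        return "CONTINUE", "DMARC pass"
    # GRAY (domain publishes no DMARC record) or PROCESSING_FAILED:
    # fall back to the SPF and DKIM verdicts (assumed policy).
    if spf == "FAIL" and dkim == "FAIL":
        return "STOP_RULE_SET", "no DMARC result; SPF and DKIM both fail"
    return "CONTINUE", f"no DMARC result (status={dmarc})"


def lambda_handler(event, context):
    record = event["Records"][0]["ses"]
    disposition, reason = classify(record["receipt"])
    print(f"{record['mail']['messageId']}: {disposition} ({reason})")
    return {"disposition": disposition}


def sample_event(dmarc, policy=None, spf="PASS", dkim="PASS"):
    """Constructed event in the SES receipt shape (not real mail)."""
    receipt = {"spfVerdict": {"status": spf},
               "dkimVerdict": {"status": dkim},
               "dmarcVerdict": {"status": dmarc}}
    if policy:
        receipt["dmarcPolicy"] = policy
    return {"Records": [{"ses": {"mail": {"messageId": "constructed-0001"},
                                 "receipt": receipt}}]}
```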
Can you clarify what you are referring to as anti-spoofing rules in this context? Are you referring to adding a Layer 7 WAF (Web Application Firewall) to the load balancer?
I would like to know how to set up an anti-spoofing rule for my app. Is there any AWS document for anti-spoofing?