How to report another AWS server has performed vunerability scanning on my server?
Someone pointed Nessus at my EC2 machine and performed a 12minute vunerability scan - Their IP traces back to AWS - There are more than 200 entries across all logs in /var/log/httpd. I believe my server is fine, undamaged, but the actions should not go unrewarded.
How do I raise this with AWS?
The best way to raise this is by using the report abuse form: https://support.aws.amazon.com/#/contacts/report-abuse.
Since the target was your EC2 instance, it's probably best to use the link in the form to sign in to your account first.
I was going to click Accept and give this a thumbs up however "Something went wrong" when attempting the process you suggested. I have, clicked the link to sign on to my account first, shared a contact email address, then filled in the form, indicated someone did port scanning, added extracts from my log files and then clicked Submit. This resulted in "Something went wrong". I repeated the process with the same result. There are no warnings attached anywhere else in the form indicating where I might have omitted a required value. Not good start to my day.
Two further attempts to submit my report at https://support.aws.amazon.com/#/contacts/report-abuse failed, and thus I have decided not to Accept the answer suggested above as others may experience the same result as I got. When I filled in the form and clicked submit, I again with "Something went wrong" error. I will raise a separate ticket on this.
For now, I emailed email@example.com, attached log files, provided source and target server IP and requesting support on the EC2 user who performed an unsolicited and unwelcome vunerability scan of my EC2 server.
Cognito - using Cognito for server to server authenticationAccepted Answerasked 3 years ago
DMS to migrate SQL Server from RDS to EC2asked 2 years ago
How to report another AWS server has performed vunerability scanning on my server?Accepted Answerasked a month ago
How to fix EC2 Abuse Reportasked 2 months ago
SQL Server RDS migration to EC2 SQL ServerAccepted Answerasked a month ago
Is AppStream like a server for my desktop software products?asked 5 days ago
How to scan the server filesasked a month ago
how to connect to an mysql comm server 5.7 on ec2 from another ec2 instanceasked 2 years ago
How to point my namecheap domain to my EC2 intanceAccepted Answerasked 2 years ago
Unable to access Spring Boot application deployed on AWS EC2 instance (Windows Server 2022)asked 11 days ago