1 回答
- 最新
- 投票最多
- 评论最多
1
AWS is aware of a recent publication from CERT/CC [1] related to HTTP/2 CONTINUATION frames, which can be used in a denial of service (DoS) attack. CloudFront, Application Load Balancer, and API Gateway are not affected by this issue.
Customers running their own web servers should use AWS Shield Advanced [2] and engage the Shield Response Team [3] to deploy mitigations in the event of a DoS attack.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
[1] https://www.kb.cert.org/vuls/id/421644
[2] https://docs.aws.amazon.com/waf/latest/developerguide/aws-shield-use-case.html
[3] https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-contacting.html
已回答 1 个月前
相关内容
AWS 官方已更新 2 年前- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
Thanks for your answer! My main concern was about CloudFront, Application Load Balancer, and API Gateway :)