官术网_书友最值得收藏!

Network layer attacks

There are several types of network layer attacks, including but not limited to the following:

  • Automated port scans: Port scans attempt to discover open ports for attackers to try and compromise.
  • Spoofing: An attacker sets up their own server with an IP address of the server being attacked and tries to intercept traffic intended for the legitimate IP.
  • DoS: An attacker or a group of attackers (DDoS) attack an application entry point (such as website or email server) with traffic that is designed to overwhelm the system, either with volumes or with packets that will cause errors to accumulate.

AWS inherently prevents IP spoofing and port scanning within EC2 networks. Any attempt at spoofing an IP or scanning ports within an EC2 environment is treated as a violation of the AWS terms, and any system attempting to perform either of those will be automatically and immediately blocked from any further access.

AWS provides a set of guidelines on how to protect an application against DoS and DDoS attacks and allows for the ease of management of the security features that help to achieve this with AWS Shield and AWS WAF. We will discuss this in more detail in the Delivering advanced network security in AWS section of this chapter. We can also use WAF to prevent injection attacks and session hijacking, and we can use the AWS Shield service to help us mitigate DoS and DDoS attacks. We will discuss these two services in the Delivering advanced network security in AWS section of this chapter.

主站蜘蛛池模板: 郧西县| 金寨县| 巴林左旗| 财经| 阳高县| 曲水县| 红安县| 当雄县| 松阳县| 深圳市| 黔东| 观塘区| 新竹县| 大化| 彭水| 卓资县| 庆云县| 驻马店市| 龙游县| 宣城市| 大兴区| 弥勒县| 长兴县| 通辽市| 金门县| 永寿县| 高密市| 蚌埠市| 金山区| 衡水市| 巴林左旗| 深水埗区| 岑巩县| 芜湖市| 逊克县| 镇巴县| 双鸭山市| 晴隆县| 石家庄市| 中西区| 阿图什市|