官术网_书友最值得收藏!

Network layer attacks

There are several types of network layer attacks, including but not limited to the following:

  • Automated port scans: Port scans attempt to discover open ports for attackers to try and compromise.
  • Spoofing: An attacker sets up their own server with an IP address of the server being attacked and tries to intercept traffic intended for the legitimate IP.
  • DoS: An attacker or a group of attackers (DDoS) attack an application entry point (such as website or email server) with traffic that is designed to overwhelm the system, either with volumes or with packets that will cause errors to accumulate.

AWS inherently prevents IP spoofing and port scanning within EC2 networks. Any attempt at spoofing an IP or scanning ports within an EC2 environment is treated as a violation of the AWS terms, and any system attempting to perform either of those will be automatically and immediately blocked from any further access.

AWS provides a set of guidelines on how to protect an application against DoS and DDoS attacks and allows for the ease of management of the security features that help to achieve this with AWS Shield and AWS WAF. We will discuss this in more detail in the Delivering advanced network security in AWS section of this chapter. We can also use WAF to prevent injection attacks and session hijacking, and we can use the AWS Shield service to help us mitigate DoS and DDoS attacks. We will discuss these two services in the Delivering advanced network security in AWS section of this chapter.

主站蜘蛛池模板: 花莲县| 博罗县| 金昌市| 府谷县| 同仁县| 永康市| 新营市| 元谋县| 象山县| 宁城县| 静海县| 阳西县| 六安市| 旬阳县| 咸阳市| 南木林县| 桐梓县| 临猗县| 晋宁县| 永登县| 赤城县| 鹿邑县| 新津县| 东辽县| 沁阳市| 上高县| 邳州市| 三穗县| 洪泽县| 湖口县| 芦山县| 甘南县| 长阳| 伽师县| 四川省| 监利县| 新泰市| 钦州市| 加查县| 鱼台县| 车致|