17-DDos

type
status
date
slug
summary
tags
category
icon
password
  1. Distributed Denial of services
    1. SYN Floods
    2. amplification attach
      1. NTP
        1. use NTP server to make request size bigger
      2. DNS
      3. CharGen
      4. SNTP
    3. layer 7 attack
      1. get post request
  1. CloudTrail
    1. track api calls
  1. Shield
    1. free ddos protection
    2. layer 3 / 4 attack
  1. WAF
    1. layer 7
  1. guard duty
  1. aws fireewall manager
  1. macie
    1. s3 buckets
  1. inspector
    1. scan on both ec2 instanes and vpcs
  1. KMS & CloudHSM
    1. key management service
    2. generate CMK
      1. generated within HSMs
      2. pwn key mangement infrastructure
      3. aws cloudHSM cluster
      4. notion image
  1. secrets manager
    1. paid
  1. parameter store
    1. free
    2. 10000
    3. no key rotation
  1. presigned url / cookie
  1. aws certificate manager
  1. aws audit manager
  1. aws artifact
    1. download compliance report
  1. amazon cognito
    1. auth access
  1. amazon detective
  1. aws network firewall
    1. physical firewall
  1. aws security hub
     
    18-Automate16-Serverless