[wellylug] Best practices for AWS EC2 ssh security

Daniel Reurich daniel at centurion.net.nz
Fri Aug 17 01:49:09 UTC 2018


On 17/08/18 11:28, Fehmi Noyan ISI wrote:
> Hi there,
> 
> I have been seeing lots of ssh brute force attacks on my EC2 instance.
> 
> I use key based authentication and I will change the ssh port to something other than 22.
> 
> 
> Does anybody have other recommendations, such as a good set of AWS Security Group INBOUND rules? 
> 
> 
> I read that using fail2ban could be another option, but I want to stop the attempt before it reaches my EC2 instance in the first place.

You can restrict your inbound traffic to port 22 to a pre-determined set
of IP addresses in the AWS security profile - the other alternative is to
block port 22 and set up OpenVPN for remote access to the server or
private network in your security group.

-- 
Daniel Reurich
Centurion Computer Technology (2005) Ltd.
021 797 722
