CRYPTOGRAPHIC KEY GENERATION

When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only thing that keeps the attacker away from your encrypted data. Some keys are usually treated with the appropriate level of respect. Security professionals in the payments industry, or those that have deployed a PKI, know all too well about the importance... 

Richard Moulds

How To Secure Your Cloud Hosting? Part 1

How to secure your cloud hosting? Part 1

So having completed the migration of your application or site to the cloud, say to AWS or RS, be prepared to get surprised by the initial hacker attack attempts on your site! Recently, we had the experience of handling two projects, one with AWS and another with RS. We were surprised to take note of our system event viewer logs.

(See the screen shot).

RDP- Remote Desktop Protocol

To start the hardening process first we disabled the RDP service in the server. This will have its own effects as something like closing our own house door. We started using the console provided.

We found that a several hundred attempts to login in to our account from the hackers worldwide within two days of launch. Bad guys from all around the world… from Iran, China, Korea and so many other countries. It seems that they are never going to stop trying to get in. So the so called hardening work started. Hardening the cloud system. Let me explain what we did to harden the cloud servers.

It is told that ‘ a ship in harbor is safe. But that is not what ships are for.’

Similarly the objective of cloud hosted site or application is to give ease of access to the intended worldwide varied audience. At the same time, we should have ease of access too for doing the admin works, adding content, making changes to the code etc., One of the oldest ways practiced by hackers is cracking the Administrator password. If our id can be taken, an outsider becomes insider. In the cloud computing model, every one including System Admin is an outsider! The cloud eco system throws open an added list of vulnerabilities. In the initial days immediately after the launch, we have to make an approach wherein we systematically close down ways of outsider intruding in to our system.

To be continued in Part 2

By Glenn Blake

About Glenn Blake

Glenn Blake is a writer for CloudTweaks and has been writing about technology trends for over 25 years.

View Website