Amazon EC2 Load Balancer: Defending against DoS attack?

We usually blacklist IP addresses with iptables. But in Amazon EC2, if a connection goes through the Elastic Load Balancer, the remote address will be replaced by the load balancer's address, rendering iptables useless. In the case of HTTP, apparently the only way to find out the real remote address is to look at the HTTP header HTTP_X_FORWARDED_FOR. To me, blocking IPs at the web application level is not an effective way.

What is the best practice to defend against a DoS attack in this scenario?

In this article, someone suggested that we can replace Elastic Load Balancer with HAProxy. However, there are certain disadvantages in doing this, and I'm trying to see if there are any better alternatives.

netvope, asked Mar 07 '10 00:03
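The question notes that behind ELB the only trace of the client is the X-Forwarded-For header, and that header is partly attacker-controlled: a client can send its own X-Forwarded-For and the load balancer appends the address it actually saw. The following added example (not code from the original post) shows how an application-level block would have to parse the header safely: walk the hop chain from the right, skip the hops belonging to a trusted proxy range, and treat the first untrusted hop as the client. The proxy range and blocklist values are constructed for illustration.

```python
import ipaddress

# Constructed values, not taken from the original post:
# hypothetical address range of the load balancer tier that we trust to
# append to X-Forwarded-For, and a blocklist of client networks.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]  # TEST-NET-3


def client_ip(remote_addr, xff_header, trusted=TRUSTED_PROXIES):
    """Return the client address as seen by the nearest trusted proxy.

    The chain is the X-Forwarded-For entries (left to right) followed by
    the TCP peer address. Walking it from the right, every hop inside a
    trusted range is one of our own proxies; the first hop outside those
    ranges is the client. Anything further left was supplied by the
    client itself and is ignored, so a spoofed header gains nothing.
    If the peer is not a trusted proxy the header is ignored entirely.
    """
    hops = [h.strip() for h in xff_header.split(",") if h.strip()] if xff_header else []
    chain = hops + [remote_addr]
    for hop in reversed(chain):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return None  # malformed hop: unknown client, do not guess
        if not any(addr in net for net in trusted):
            return addr
    return None  # every hop was one of our proxies; no client address


def should_block(remote_addr, xff_header, blocklist=BLOCKLIST):
    """Decide whether to reject a request based on the derived client IP.

    An unresolvable client (None) is rejected: failing closed is the
    safer default when the goal is to shed abusive traffic.
    """
    addr = client_ip(remote_addr, xff_header)
    if addr is None:
        return True
    return any(addr in net for net in blocklist)


if __name__ == "__main__":
    # Constructed request: peer is the ELB, client spoofed a leading hop.
    print(client_ip("10.0.1.5", "198.51.100.7, 203.0.113.9"))  # 203.0.113.9
    print(should_block("10.0.1.5", "198.51.100.7, 203.0.113.9"))  # True
```

The same parsing caveat applies to any proxy-aware block at the application layer: only the hops appended by proxies you control are trustworthy.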



2 Answers

I think you have described all the current options. You may want to chime in on some of the AWS forum threads to vote for a solution - the Amazon engineers and management are open to suggestions for ELB improvements.

sehugg, answered Nov 26 '22 07:11


If you deploy your ELB and instances using VPC instead of EC2-Classic, you can use Security Groups and Network ACLs to restrict access to the ELB.

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/USVPC_ApplySG.html

Michael - sqlbot, answered Nov 26 '22 05:11