En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Using Fail2Ban with Greengrass Secure Tunnel Component

0

We would like to secure our edge devices with Fail2Ban, https://github.com/fail2ban/fail2ban, without blocking the AWS Greengrass V2 Component for Secure Tunnel. Is there any guidance as to how to configure our fail2ban to not block the secure tunnel ?

Sujets
Internet des objets (IoT)Outils de développementFramework AWS Well-Architected
Balises
AWS IoT CoreOutils de développementSécurité
Langue
English
scriobhneoir
demandé il y a 6 mois190 vues
1 réponse
0
Réponse acceptée

I am not aware of such guidance, and didn't find any in a quick search - which might be an indication that it doesn't exist. Generally speaking, Secure tunneling uses a client/device-initiated tunneling, which means that you don't need any inbound ports open as long as established connections are allowed. See also here for more details. That being said, fail2ban should not block those as long as it's only applied on inbound connections. Also, if you don't require any inbound connections, I would recommend to not open any inbound port, but only allow the outbound plus established / related connections.

profile pictureAWS
Michael
répondu il y a 6 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents