Penetration Testing and AWS

Here is one of those topics where you can often run into misinformation when you are studying AWS. That is because the rules keep changing, and you will often have textbooks and courses quoting old rules still!

AWS Pen Test

So here is the skinny as of 10/20/2019! You no longer have to obtain permission from AWS for pen testing your own resources within 8 of the total services of AWS. NOTE: Be sure not to pen test against any AWS services themselves, as this is never permitted. In fact, if you should discover vulnerabilities in a service itself when you are pen testing your resources, you are encouraged to report that to the AWS Security team. What are the 8 services? Here they are:

  • EC2, including NAT Gateways and Elastic Load Balancers
  • RDS
  • CloudFront
  • Aurora
  • API Gateways
  • Lambda and Lambda Edge
  • Lightsail
  • Elastic Beanstalk

You should also note that Amazon currently prohibits the following tests:

  • DNS zone walking via Amazon Route 53 Hosted Zones
  • Denial of Service (DoS), Distributed Denial of Service (DDoS), Simulated DoS, Simulated DDoS
  • Port flooding
  • Protocol flooding
  • Request flooding (login request flooding, API request flooding)

These rules will change again in the future. Be sure to subscribe to the blog using the widget in the right column. When the rules change – I will be sure to let you know!

Thanks for reading, and have fun in AWS! Just not too much fun!

CCNA Cram Training Series: Sim Buster Live!

Are you wanting to clear your CCNA Routing and Switching before the #certpocalypse changes of 2020? You are not alone. Join Anthony Sequeira in this Live Online WebEx event as he walks you through building a realistic network as practice for the potential simulations you will receive in the CCNA exam!

Friday, October 25, 2019 at 7 to 9 PM EST USA

This event is part of the CCNA Cram series from AJSnetworking. These training events are centered around helping students clear their current exams before the certification changes. The focus is on affordability and efficiency for our students!

Students receive:

  • Attendance in the action-packed two-hour live training WebEx training session (CAUTION: this event may run over two hours!)
  • A downloadable recording of the live event
  • Packet Tracer starting and ending files
  • Bonus Packet Tracer practice files for practice following the event
  • The CCNA Simulation Quick Reference Guide – this PDF provides you with the commands for your exam you should know

Technologies covered:

  • IPv4 addressing
  • IPv6 addressing
  • VLANs
  • Trunking
  • STP
  • EtherChannel
  • OSPF
  • RIP
  • EIGRP
  • Inter-VLAN routing
  • Access lists
  • DHCP
  • NTP
  • Syslog

Enjoy this course and all of the resources that come with it for a one-time payment of $29.95!

PLEASE READ THIS:

Following payment, you will receive your WebEx log in instructions for the event within 24-hours of your purchase. Ensure your accurate email address is provided when purchasing. If you purchase one hour before the event, you will receive the log in information right away. No sales will be made within the hour before the live class launch. Questions? Email: anthony@ajsnetworking.com

Introducing my CompTIA Network+ Master Class!

CLICK HERE FOR THE DEETS:
https://www.kwtrain.com/networkplus