Tightening Up EC2 Security

An EC2 instance is configured with very tight firewall rules out of the box, allowing access only to port 22 (SSH) and forcing you to log-in using your RSA private key. Nevertheless, I discovered that my instance was subject to a brute force attack from someone in the U.A.E.

They didn’t manage to log in, but it make me think of locking down my EC2 instance. The easiest thing to do is to install Fail2Ban

  1. sudo apt-get install fail2ban
  2. Edit /etc/fail2ban/jail.conf and modify the destemail line to point to your email address.
  3. Restart the fail2ban service. sudo service fail2ban restart

You could always tweak the parameters to your liking but I was satisfied with the default fail2ban parameters.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: