You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Identify 2-3 changes that can be made to our environment to prevent an ssh brute force attack from the internet.
** Right now anyone can SSH in on port 22. We should remediate by specifying certain IP addresses for port 22.
**The EC2 instances should not have a public IPv4 address. We should release the elastic IP as soon as possible.
# Neither instance should have had access to the secret recipes bucket, in the even that instance API credentials were compromised how could we have prevented access to sensitive data.
**We should use the principal of least privilege(PoLP), enable SSE for the S3 bucket, and have more strict policy inacted. This allow makes it so only the nessecary actions are allowed.