Bonsai Hosted ElasticSearch Is Down

53 points by sstarr almost 11 years ago

8 comments

ihsw almost 11 years ago
How were they 0wned? Lack of MFA, rogue API key, or something else? Are full-access accounts being handed out willy-nilly instead of IAM accounts?

AWS Multi-Factor Authentication (MFA):

http://aws.amazon.com/iam/details/mfa/

AWS Identity Access and Management (IAM):

http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html

Managing your AWS API Keys:

http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSGettingStartedGuide/AWSCredentials.html

Go a step further with your AWS API keys and use AWS' API access logging (CloudTrail):

http://aws.amazon.com/cloudtrail/

Don't get burned. Check your stuff out.

bdcravens almost 11 years ago
Full-blown AWS console compromise - this sounds similar to what happened to Code Spaces (https://news.ycombinator.com/item?id=7909791). Is there a new vulnerability?

dorfsmay almost 11 years ago
Any word on how those accounts are getting compromised?

Have they been complacent (easy password to guess, keys easy to be compromised (maybe in a public GitHub repo)), or could there be some hole in the AWS security model?

huntermeyer almost 11 years ago
This brought my app down. http://jrdevjobs.com. Our shards were all missing from Bonsai. We looped through each model and saved it.

We're back up.

huslage almost 11 years ago
AWS needs to improve usability of IAM so that it gets broader adoption. The learning curve is non-trivial.

jayzalowitz almost 11 years ago
This sucks... I am happy we just put our search cluster on elasticbeanstalk atm, but I wish we had more services like this running.. good news is new security practices will hop up everywhere because of this.

grandalf almost 11 years ago
Not to focus on this when they are experiencing downtime, but Bonsai has been one of the least reliable service providers I've ever used.

kitwalker12 almost 11 years ago
Our site http://www.violetgrey.com went down because of this. Luckily we were able to reindex pretty fast before their backups kicked in. Any ideas on how to have fallbacks in such cases?