aws-solutions-constructs
The AWS Solutions Constructs Library is an open-source extension of the AWS Cloud Development Kit (AWS CDK) that provides multi-service, well-architected patterns for quickly defining solutions
Been doing this for Apps deployed to Google App Engine (such attacks are also common to them) and then creating firewall rules blocking those IPs.
After a while, I decided to automate the process, i.e. build an App [1] that runs on a schedule, parses the logs, identifies such traffic (spam/bots) and automatically creates the firewall rules. Since it's already parsing the logs, it also generates analytics for the Apps.
1. https://github.com/NoCommandLine/NoCommandLine-Analytics
Was looking into Certificate Transparency logs recently. Are there any convenient tools/methods for querying CT logs? i.e. search for domains within a timeframe
Cloudflare’s Merkle Town[0] is useful for getting overviews, but I haven’t found an easy way to query CT logs. ct-woodpecker[1] seems promising, too
[0] https://ct.cloudflare.com/
[1] https://github.com/letsencrypt/ct-woodpecker
Besides pointing pentester tools like metasploit at yourself, there are some nice scanners out there.
https://github.com/quay/clair
https://github.com/anchore/grype/
This is helpful! I found some CDK libraries that allow for connecting a load balancer or CloudFront to WAF with a few lines of code. I'll give it a try! [1] [2].
--
1: https://github.com/awslabs/aws-solutions-constructs/tree/mai...
2: https://constructs.dev/search?q=waf&cdk=aws-cdk&cdkver=2&lan...