
I have a load balancer configured with port 443 forwarding to port 80 on the EC2 servers, and with a sniffer like Burp Suite I can edit the request. How can I configure the ELB to avoid this type of attack?

For example, when I access the script /userprofile/Get.php, sending the user_id param by POST, with Burp Suite I can modify this user_id to another one.

MadHatter
Flip120
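The answers below deal with the hop between the ELB and the EC2 instances. The modification the question describes, changing user_id in the POST body with Burp Suite, happens on the client side before the request ever reaches the ELB, so it is not affected by whether the backend hop uses TLS; what decides the outcome is whether the server trusts that parameter. As an added example, not code from the question or the answers, here is the user_id handling of a handler like /userprofile/Get.php in the pattern the question describes, beside a hardened form that takes the identity from the server-side session. The session store, profile records and function names are all constructed for the example.

```python
"""Added example: client-supplied user_id (vulnerable) versus identity taken
from the authenticated session (hardened). All data below is constructed."""

from typing import Optional

# Constructed sample data: session token -> authenticated user id,
# and user id -> profile record.
SESSIONS = {"sess-alice": 1001, "sess-bob": 1002}
PROFILES = {
    1001: {"name": "alice", "email": "alice@example.invalid"},
    1002: {"name": "bob", "email": "bob@example.invalid"},
}


def get_profile_vulnerable(session_token: str, post_params: dict) -> Optional[dict]:
    """Mirrors the pattern in the question: the record returned is chosen by the
    user_id in the POST body. The session only proves the caller is logged in,
    not that the requested record belongs to them, so editing user_id in an
    intercepting proxy returns someone else's profile."""
    if session_token not in SESSIONS:
        return None  # not logged in
    try:
        requested = int(post_params["user_id"])  # attacker-controlled value
    except (KeyError, ValueError):
        return None
    return PROFILES.get(requested)


def get_profile_hardened(session_token: str, post_params: dict) -> Optional[dict]:
    """Identity comes from the server-side session. A user_id in the POST body
    is never used for the lookup; if one is present and disagrees with the
    session it is refused, because a mismatch means the client tampered with
    the parameter. (In a real handler this is also the place to log the event.)"""
    caller = SESSIONS.get(session_token)
    if caller is None:
        return None  # not logged in
    claimed = post_params.get("user_id")
    if claimed is not None:
        try:
            if int(claimed) != caller:
                return None  # tampered: refuse rather than honour the claim
        except ValueError:
            return None  # malformed parameter: refuse
    return PROFILES.get(caller)


def demo():
    """Bob's session, but the body names Alice's id, as a proxy would allow.
    Returns (vulnerable result, hardened result)."""
    tampered = {"user_id": "1001"}
    return (get_profile_vulnerable("sess-bob", tampered),
            get_profile_hardened("sess-bob", tampered))


if __name__ == "__main__":
    vulnerable, hardened = demo()
    print("vulnerable handler returned:", vulnerable)
    print("hardened handler returned:  ", hardened)
```

The hardened variant does not need the user_id parameter at all for the profile-of-the-logged-in-user case; it is only inspected so that a tampered request is refused rather than silently served the caller's own record. If the script legitimately needs to serve other users' profiles (an admin view), the same place is where an explicit authorisation check against the session's role belongs.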

2 Answers


Run the EC2 servers as HTTPS, not HTTP, and have the ELB pass 443 to 443 rather than 80.

That said, if they can get into your internal network to sniff traffic between ELB and EC2, you've got bigger problems.

ceejayoz
  • I have tried ELB 443 to EC2 443 with the backend authentication in the load balancer, but the request doesn't reach the server. I don't know which is the problem; thanks for the answer – Flip120 Feb 21 '14 at 16:01
  • Do you have HTTPS properly set up on the EC2 instances, with a valid certificate? – ceejayoz Feb 21 '14 at 16:02
  • Yes, because when I access by the IP of my EC2 via HTTPS it works, but using the load balancer redirection it doesn't work. – Flip120 Feb 21 '14 at 16:05

The real solution is to prevent anybody other than the ELB from accessing your EC2 instances. This is how AWS is intended to be used, and you have all the info here: Manage Security Groups in Amazon EC2-Classic - Elastic Load Balancing. The security group is your firewall here.

You have additional info on security here: Amazon Web Services: Overview of Security

Sony Kadavan
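As an added example, not code from the answer or from AWS, here is an offline check for the pattern this answer describes: the backend instances' security group should admit traffic on the instance port only from the load balancer's security group, never from a public CIDR. The input is shaped like the output of `aws ec2 describe-security-groups` (GroupId, IpPermissions, IpRanges, UserIdGroupPairs); the group ids, CIDRs and rules in the sample are constructed. In EC2-Classic the ELB's source group is the Amazon-owned `amazon-elb-sg`; in a VPC it is the security group attached to the ELB. Which id to treat as the ELB group is therefore a parameter here, and the value used below is a placeholder.

```python
"""Added example: audit security groups for the 'ELB only' ingress pattern.
Input mirrors the JSON shape of `aws ec2 describe-security-groups`; every
id and rule below is constructed for the example."""

from typing import Dict, List

# Placeholder for the ELB's security group id (amazon-elb-sg in EC2-Classic,
# the ELB's own group in a VPC). Constructed value.
ELB_SOURCE_GROUPS = {"sg-elb-example"}
BACKEND_PORT = 80  # the instance port the ELB forwards to, as in the question

# Constructed sample: one group that exposes the backend port to the world
# (the situation the question describes) and one that follows the answer.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-open", "GroupName": "web-open",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []},
     ]},
    {"GroupId": "sg-web-locked", "GroupName": "web-locked",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-elb-example"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []},
     ]},
]


def rule_covers_port(perm: dict, port: int) -> bool:
    """True if an IpPermissions entry admits TCP traffic on `port`.
    IpProtocol "-1" means all traffic and has no port range."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_backend_group(group: dict, port: int = BACKEND_PORT,
                        elb_groups=ELB_SOURCE_GROUPS) -> List[str]:
    """Return findings for one group. An empty list means the group admits
    `port` only from the ELB group(s): no CIDR sources, no other groups, and
    at least one rule referencing an ELB group (otherwise the ELB itself
    could not reach the instances, which matches the symptom in the comments
    under the first answer)."""
    gid = group["GroupId"]
    findings = []
    elb_path = False
    for perm in group.get("IpPermissions", []):
        if not rule_covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            findings.append(f"{gid}: port {port} open to CIDR {rng['CidrIp']}")
        for pair in perm.get("UserIdGroupPairs", []):
            src = pair.get("GroupId")
            if src in elb_groups:
                elb_path = True
            else:
                findings.append(f"{gid}: port {port} open to group {src}")
    if not elb_path:
        findings.append(f"{gid}: no ingress on port {port} from the ELB group")
    return findings


def audit_all(groups: List[dict], port: int = BACKEND_PORT) -> Dict[str, List[str]]:
    """Audit every group; keys are group ids, values the findings for each."""
    return {g["GroupId"]: audit_backend_group(g, port) for g in groups}


if __name__ == "__main__":
    for gid, findings in audit_all(SAMPLE_GROUPS).items():
        status = "OK" if not findings else "REVIEW"
        print(f"{gid}: {status}")
        for f in findings:
            print("   -", f)
```

To run this against a real account, replace SAMPLE_GROUPS with the `SecurityGroups` list from `aws ec2 describe-security-groups --output json` and set ELB_SOURCE_GROUPS to the ELB's actual group id. The check is deliberately strict about port 80 only; SSH from an administrative range on port 22, as in the sample, is left alone because it is not the path the load balancer uses.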