In one of my previous blog posts (Hacking your way around AWS IAM Roles), we demonstrated how users can access AWS resources without having to store AWS credentials on disk. This was achieved by setting up an OpenVPN server and client-side route that gets automatically pushed when the user is connected to the VPN. To […]
Difficulty Level : Hard
Identity and Access Management (IAM) offers role-based accessed control (RBAC) to your AWS account users and resources, you can granularize the permission set by defining policy. If you are familiar or even a beginner with AWS cloud, you know that how important IAM is. AWS Identity and Access Management (IAM) is a web service that […]
Difficulty Level : Medium
Heyloo ! Recently I came across a weird scenario. An application written in Java that uses AWS S3 bucket for some sort of data ingestion was only allowed to use a single AWS region configured via either environment variable or application properties file. Of course, a patch could have been developed, but the release process […]
Hello folks, It’s been a long time since I wrote my last blog. In this blog post, I will show you how you do port knocking to access services on servers such as ssh, mail (postfix), etc securely. Well, we will be literally knocking on ports from the client-side this time 😉 What is port […]
Knock Knock… Who’s There ? … /dev/tcp
Did you ever wonder what would you do if telnet or netcat package is missing for Unix/Linux system. Being a sysadmin, you often come across a situation where you want to find out if target system is listening on given port. With simple tools like telnet or netcat your job becomes easy. These utility packages […]