Monday, May 13, 2013

AWS Bastion host as single point of attack?

Bastion host could open you up to a single point of attack?  It can, but here are two ways to secure your bastion host:
Having only one point of attack is way better then opening up more than one or all of your EC2 instances for port 22 (SSH..assuming Linux) to 0.0.0.0/0 CIDR block.

2 comments: