2nd March 2017

in AWS and Azure

IAM what I am

Posted by Dave Saunders 2nd March in AWS and Azure

Amazon is a fantastic company and one of the pioneers of cloud computing, forging the path which many vendors have followed. They have recently rectified something has long been a bugbear of mine - the ability to retrospectively add an IAM role to a running instance in AWS. For several years, if an instance was launched in AWS and during the initial configuration an IAM role was not defined, the only option available was to stop/terminate the instance and launch another, however, this has now changed!

Continue reading...
22nd February 2017

in Security

Not so sweet, Sweet32 vulnerability…

Posted by Dave Saunders 22nd February in Security

When configuring SSL Termination/Offloading and using the default cipher list, a scan using SSL Labs will produce an A which is great. One thing with our default list is that it could result in a scan indicating that there may be a vulnerability to Sweet32. Sweet32 has several potential methods to be exploited but the one which potentially affects a Loadbalancer.org appliance is the use of the Triple-DES legacy cipher when performing SSL Termination/Offloading. To mitigate this, it is a simple case of altering the cipher list slightly, adding a !3DES, to prevent the use of the Triple-DES cipher.

Continue reading...
Live chat