Notices by Ben From KC (benfromkc@infosec.exchange)

@horse

Oh net send takes me back. I remember sitting down in so many training classes and everyone immediately net sending random messages. And then labs would start and it became a race to see who could crash who first. Good times.

@foone

TL:DR; I published a terraform library today to automatically configure AWS root user usage alarms. Link at the bottom.

Hey, do you have an AWS account? Even a little "lab" account to do some testing? If you do you, I hope you've taken some steps to make sure your root user is secure. Things like using a super difficult password, MFA, and then never actually using it.

I'm guessing you've done all that. Now take the next step and make sure you have alerting set up for any time that root user is used so just in case all your other protections fail, you at least know something is up.

"How does one even do that?" you ask? Well, it's kind of a PITA, you have to set up about 10 different things and make sure they're all connected correctly or it doesn't work.... or you can just use this handy terraform library I just published! Hopefully this can make your AWS experience just a little safer.

https://github.com/BenFromKC/AwsRootUserAlarm

#aws #cloud #security

@evacide

Sounds like a debate I've heard about a different topic. It's almost like giving people help and education on a thing is a better idea than just telling them to never use it. Shocking.