Open main menu

CDOT Wiki β

Changes

OPS345 Lab 2

1,445 bytes added, 01:49, 16 December 2021
AWS Networking
The fundamentals you've learned about networking in your previous courses apply to AWS as well. The only difference from what you may be used to is that most of it is virtual in AWS. There are obviously still wires and cables and switches and routers, but their infrastructure has a layer of software on top to allow it to be more dynamic to deploy, configure, and use.
This diagram is a very simple overview of the parts of AWS networking you're going to use in this course:
[[File:AWSVPCComponents.png|center]]
 
== Security ==
 
'''You're working on the real inetnet now!''' In many previous courses you were working in VMs on your virtual machines, on private networks, where attackers couldn't get to your servers even if they were super-dedicated and qualified. That is not the case in this course.
 
The VMs and networks you create in this course are likely to be accessible by anyone on the planet. That means you ''have to'' think of security.
 
If you imagine that noone will attack your servers because you have nothing worth attacking: you're wrong. Every CPU connected to the internet is worth something. A most common scenario is an attacker (or organisation) finds a great number of vulnerable servers online, and make those part of a bot net. Then they will use the bot net they created (effectively a supercomputer) to launch attacks on targets that matter to them. They won't spend the time to attack your servers individually, but they have automation that exploits the most common security holes that lazy administrators leave open.
 
This is not a security course, but you should be able to understand that different parts of your system are susceptible to different types of attacks. The more components you configure with security in mind: the less likely you are to become a victim of an attack.
* VPCs, subnets