[colug-432] Cloud services and security

Jason Marshall jason.marshall at gmail.com
Mon Feb 7 14:16:29 EST 2011


It's an Amazon term. You can have IP addresses that are allocated to you
that you can move around between instances as needed. Good for failover if
needed.

I can hold onto the address for as long as I needed it, and I have updated
my DNS zones to include that address.

Jason

On Mon, Feb 7, 2011 at 1:44 PM, Travis Sidelinger <
travissidelinger at gmail.com> wrote:

> I've heard of static and dynamic, but what is an "Elastic IP"?
>
>
> On Mon, Feb 7, 2011 at 1:04 PM, Jason Marshall <jason.marshall at gmail.com>
> wrote:
> > Travis,
> >
> > I would beg to differ on a couple of points below. This weekend I
> finished
> > configuring a mail server out on Amazon EC2, and I have an Elastic IP
> > assigned to it with Reverse DNS. I think the reverse DNS is a relatively
> > recent feature addition, however.
> >
> > Jason
> >
> > On Mon, Feb 7, 2011 at 12:31 PM, Travis Sidelinger
> > <travissidelinger at gmail.com> wrote:
> >>
> >> Anyone,
> >>
> >> Any colug'ers have experience with maintaining security with cloud
> >> services?  We firewall everything inbound and outbound for our DMZ
> >> systems, but, this has been getting increasingly difficult with cloud
> >> services that like to change their IP address often.  An example is
> >> Amazon's cloud.  They are not using static IP addresses and you can't
> >> use reverse DNS lookups to validate their service.  A firewall rule
> >> can be good for about a day before it changes.  We are planning to
> >> upgrade our firewall to a Cisco product, which I'm hoping has a
> >> feature that can check URL's.  If that doesn't work, I may need to
> >> build a special proxy service for these that can provide URL based
> >> ACLs.
> >>
> >> ~Travis Sidelinger
> >>
> >> --
> >> "A careful reading of history clearly demonstrates ...
> >> that people don't read history carefully.”
> >>
> >> _______________________________________________
> >> colug-432 mailing list
> >> colug-432 at colug.net
> >> http://lists.colug.net/mailman/listinfo/colug-432
> >
> >
> > _______________________________________________
> > colug-432 mailing list
> > colug-432 at colug.net
> > http://lists.colug.net/mailman/listinfo/colug-432
> >
> >
>
>
>
> --
> "A careful reading of history clearly demonstrates ...
> that people don't read history carefully.”
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20110207/1fe795be/attachment-0001.html 


More information about the colug-432 mailing list