Saturday, November 17, 2018

AWS 6 NACL, Security Groups and Endpoints

NACL is stateless
SG is stateful



The total port range is 0-65000


Dynamic ports are from 49152 to 65535

If we do not open the outbound ports, traffic initiated from the server cannot leave the server.
The packet gets dropped.




Protocol used is TCP or UDP

If we want to open the outbound traffic, then we have to open ICMP ping




As NACL is STATELESS, we have to open both inbound and outbound.

Security Group is Assigned to the INSTANCES - Very Important

Subnet Security:
NACL is assigned to the SUBNETS - Very Important

Dynamic ports are from 49152 to 65535
This is the port range that needs to be opened for NACL outbound ports.


There are inbound rules and outbound rules
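
The difference between the stateless NACL and the stateful Security Group, as an added example (a simplified model written for these notes, not AWS code or an AWS API). The rule numbers, the HTTPS port 443 and the client port 50123 are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int   # NACL rules are evaluated in ascending rule-number order
    proto: str
    lo: int       # first port of the range
    hi: int       # last port of the range
    allow: bool

def nacl_allows(rules, proto, dst_port):
    """Stateless check: lowest-numbered matching rule wins, otherwise deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.proto == proto and r.lo <= dst_port <= r.hi:
            return r.allow
    return False  # the implicit final deny

class SecurityGroup:
    """Stateful: a reply on a tracked connection needs no rule of its own."""
    def __init__(self, inbound):
        self.inbound = inbound   # allow entries as (proto, lo, hi)
        self.tracked = set()

    def accept_inbound(self, proto, client_port, server_port):
        ok = any(p == proto and lo <= server_port <= hi
                 for p, lo, hi in self.inbound)
        if ok:
            self.tracked.add((proto, client_port, server_port))
        return ok

    def allow_reply(self, proto, client_port, server_port):
        return (proto, client_port, server_port) in self.tracked

def https_round_trip(nacl_in, nacl_out, client_port):
    """Request to server port 443, reply to the client's dynamic port."""
    request_ok = nacl_allows(nacl_in, "tcp", 443)
    reply_ok = nacl_allows(nacl_out, "tcp", client_port)
    return request_ok and reply_ok

# Constructed sample rules (not taken from a real VPC).
NACL_IN = [Rule(100, "tcp", 443, 443, True)]
NACL_OUT_CLOSED = []
NACL_OUT_OPEN = [Rule(100, "tcp", 49152, 65535, True)]

if __name__ == "__main__":
    print(https_round_trip(NACL_IN, NACL_OUT_CLOSED, 50123))
    print(https_round_trip(NACL_IN, NACL_OUT_OPEN, 50123))
    sg = SecurityGroup([("tcp", 443, 443)])
    print(sg.accept_inbound("tcp", 50123, 443), sg.allow_reply("tcp", 50123, 443))
```

With only the inbound NACL rule the reply is dropped; it passes once the outbound dynamic port range is opened, while the Security Group allows the reply without any outbound entry.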


VPC flow logs and Elastic IPs

If we want to retain the Public IP we will first create an EIP and then assign the EIP to the EC2 instance.

If we do not assign the EIP to the instance, we will be charged money.





