[AWS] Question: Can opening more than the number of allowed sessions break aws?

[Pascal Obry]

David Marceau writes:
 > I have been getting some abnormal activity on my machine.
 > I don't know if they have succeeded in the past but this ip address 
 > 65.33.209.229 
 > originating from Herndon Virgina 
 > was attacking my machine at the udp level at port 80.  I used iptraf to
 > confirm this.
 > 
 > Nothing was appearing in the aws log about this activity 
 > however when I look at the Admin-Page I can see the same IP at all the
 > different 40 sessions.

I just don't understand how this is possible... I'm far from being a
network expert...

 > The other thing I could see on the Admin-Page was that there were more
 > than 40 session id's.
 > There were actually 76 session id's alive.  I gather this is normal.
 > Right?

This is possible of course. The unused session id will be cleaned up at
some point by the cleaner task (session ID garbage collector).

 > Is there a chance of crapping out aws with too many sessions.  

Don't think so.

 > I don't believe so since this person did hit the 40 simultaneous
 > connection barrier but the number of alive session id's is 76.
 > 
 > Going back to my question:  is there a risk this person will succeed in
 > breaking aws with this kind of attack?

Maybe, maybe not ! Depending on the implementation of your callback procedure.
But in AWS nothing should go wrong. The worst problem would be to have AWS
crashing but it should not propagate the problem to your system.

 > Until then I placed this IP in my /etc/hosts.deny :)

Safe :)

Pascal.

-- 

--|------------------------------------------------------
--| Pascal Obry                           Team-Ada Member
--| 45, rue Gabriel Peri - 78114 Magny Les Hameaux FRANCE
--|------------------------------------------------------
--|         http://perso.wanadoo.fr/pascal.obry
--| "The best way to travel is by means of imagination"
--|
--| gpg --keyserver wwwkeys.pgp.net --recv-key C1082595