[AWS] buffer overflow ??

[David Marceau]

I'm no security expert but here are while we're talking about security or
vulnerability of a AWS server:
1.1)There is one vulnerability on a windows box you should watch out for that
could affect AWS:
SQL slammer-like attacks via port 135(rpc/DCOM/and maybe .NET?)  This is not an
AWS vulnerability.  It is a windows vulnerability.
On my linux box I see a mass wave of these port probes on an ongoing basis from
within my ISP's domain and from around the planet.
1.2)If your windows box exists, your 135 port is open probably and serving.  I
don't have a windows box so I don't have to worry about this but if you are
running on a windows box well...:)
1.3)If you're on linux box, port 135 doesn't have to be open.

2.1)if you're paranoid, don't run sshd or vncd stuff on windows or linux.  
2.2)Do keep a close eye on what services are running on your linux or windows
machine.
2.3)check out ethereal/iptraf/other traffic monitors
2.4)check out traffic shaper stuff and give priority to those ip's you know are
not suspect.  Strangle the bandwidth for those that are
suspect.(vshape/xshape..something with shape in it is the name of the s/w tool
on linux).  A commercial solution is Packeteer.
2.5)check out firewall stuff

That's it.