AWS Security Group Private IP spoofing


I am using AWS security group inbound rules to only give private resources HTTP access to an EC2 instance, but public SSH access to my IP address.

For this the instance requires a public IP address.

I know that IP spoofing is quite easy to do, but harder to make work with SSL handshakes.

My question is: could an attacker spoof private IPs from the typical AWS CIDRs 10.0.x.y and send HTTP requests to my EC2 instance?

The purpose of this question is to better know the security warranties of AWS security groups.


There is 1 answer

devopsimpostorsyndrome On

Your IP probably would be statically locked on your unchangeable MAC. So packets with the wrong address will be filtered out somewhere. Would be easy to do in the software network bridge(s).
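An added example, not part of the original question or answer: a check that a rule set matches the setup the question describes (HTTP only from private ranges, SSH only from a single public address). It reads the `IpPermissions` shape returned by `aws ec2 describe-security-groups`; the sample rules are constructed, `203.0.113.7` is a documentation address, and only IPv4 `IpRanges` are examined.

```python
import ipaddress

# Constructed sample in the IpPermissions shape of `aws ec2 describe-security-groups`.
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},
]

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(cidr):
    """True only if the whole range sits inside an RFC 1918 block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.subnet_of(block) for block in RFC1918)

def covers(rule, port):
    """True if the rule admits TCP traffic to `port` ("-1" means all protocols)."""
    proto = rule.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit(rules, http_port=80, ssh_port=22):
    """Return findings where a rule is wider than the intended policy."""
    findings = []
    for rule in rules:
        for rng in rule.get("IpRanges", []):
            cidr = rng["CidrIp"]
            net = ipaddress.ip_network(cidr, strict=False)
            if is_private(cidr):
                continue  # private sources are allowed for both services here
            if covers(rule, http_port):
                findings.append(f"HTTP reachable from non-private range {cidr}")
            if covers(rule, ssh_port) and net.prefixlen < 32:
                findings.append(f"SSH reachable from public range wider than /32: {cidr}")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_RULES) or "rules match the intended policy")
```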