Getting blacklisted for hosting a public analytic service on AWS

AWS - Amazon Web Services - allows you to deploy your analytic app or API on the cloud, and make it public. However, if you are co-located on a shared server and your "neighbors" are criminals engaging in click fraud or email spamming, your IP address will be blocked by most IP blacklist vendors such as Spamhaus. This is nothing new, but what is new here is the very high proportion of bad neighbors found on AWS, and Amazon does not have the technology to detect them. A classified study based on Ad Network data (web logs) shows that 20% of click fraud on large ad networks, comes from hundreds of AWS IP addresses - the largest single source of fraud, bigger than any single traditional Botnet. Spamhaus catches about 15% of the bad IP addresses in question. The remaining IP addresses can easily be detected using IP address clustering techniques or large scale (distributed) nslookups.

In some security circles, people have suggested to block all Internet traffic from Ashburn, Virginia, as this is where a large AWS server farm (infested by criminals) is located, with new IP addresses popping up every day. If you share your IP address with one of these criminals (even though you are a good guy), your clients might just not be able to access your services, as your AWS public website/folders will be blocked by most browsers.

So what are the solutions - safer cloud - to host your analytic app if you don't have a budget for a dedicated IP address? Even a dedicated IP address is not great if it's located in an IP address block filled with blacklisted IP addresses. There are plenty of articles about this issue, do a Google search on AWS blacklisted IP. 

Views: 2272

Reply to This

© 2021   TechTarget, Inc.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service