Comments (4)
When I try to connect to the tester instance with ssh after the setup step is done on /.ssh/config, I am getting
Enter passphrase for key '/root/.ssh/key.pem':
I don't have any passphrase set up here.
from amazon-guardduty-tester.
When I try to connect to the tester instance with ssh after the setup step is done on /.ssh/config, I am getting
Enter passphrase for key '/root/.ssh/key.pem':
I don't have any passphrase set up here.
- Ensure that `key.pem` is the same SSH key associated with the EC2 instance.
- If unsure, generate a new EC2 SSH key in the AWS web console, save the key on your workstation in a safe place and chmod 600, relaunch the stack while setting the parameter in the CloudFormation template to make use of the new key. Log in using user `ec2-user` (since this is an Amazon Linux image you're logging into).
from amazon-guardduty-tester.
I've used the guardduty-tester.template for creating a CloudFormation stack and enabled GuardDuty in the same region. When I run $ ./guardduty_tester.sh from the tester instance, only the Recon:EC2/Portscan finding is generated by GuardDuty. Is there any reason why other findings are not generated?
PS: I don't see any errors when running the script.
My account didn't have GuardDuty enabled for very long prior to this test and got 7 total. As GuardDuty is running longer, it does build up a database of what it considers to be normal traffic and may be trained to believe some traffic is normal behavior.
from amazon-guardduty-tester.
Closing this issue as it is nearly three years old and there is no actual issue identified that needs fixing. I will update the README to indicate that the DNS-related findings do take longer to generate and will show later than some of the other findings.
from amazon-guardduty-tester.
Related Issues (14)
- CloudFormation template fails by missing parameter in AutoScaling
- Add documentation on how to run script on bastion
- Add ability to generate a single finding
- Unable to generate Recon:EC2/PortProbeUnprotectedPort findings
- Unable to generate Backdoor:EC2/DNSDataExfiltration findings
- Modify ProxyCommand to no longer use NetCat for proxied access to tester host
- guardduty-tester.template fails due to `BastionAutoScalingGroup`
- Deployment via CloudFormation always fails
- Transition from ssh+bastion to SSM?
- Some findings haven't appeared for over an hour
- GovCloud Support
- Automate guarduty-tester.sh
- Outdated windows ami ids