Posts

Showing posts from May, 2021

True Multi-Factor Authentication

True Multi-Factor Authentication    Multi-Factor Authentication has become very normal these days for high secure websites. Definitely, a much better solution compared to just username and password combinations. But, in certain scenarios, MFA is not really MFA! First, let's look at the current state of the different MFA options available. 1) SMS / E-Mail / Authenticator based code / link. 2) Hardware tokens such as YubiKey! When I lose my mobile which has my SIM card, EMail application, Authenticator - MFA scenario 1 fails. But at least the attacker was not able to compromise my accounts until I lost my mobile phone or unless the hacker is a shadow in the vicinity. Similarly with hardware tokens. Here are some suggested alternate scenarios or possible future enhancements for the tech industry: 1) Voice-based speaker recognition 2) Facial recognition like Windows Hello and Mobile Phone unlock Now combining the above factors with traditional MFA can significantly help. For examp...

Getting started with AWS CLI

Getting started with AWS CLI     AWS CLI (Command Line Interface) is a simple command-line utility to manage AWS resources. AWS resources can be configured, managed, allocated, de-allocated etc... CLI allows automation via scripts also. There are two versions of the CLI. Version 1 and 2. The documentation for installing on Windows, Linux and MacOS are provided below: - Linux - MacOS - Windows    Once installed, the installation can be verified by issuing the version command. > aws --version The output should be something like: " aws-cli/2.2.4 Python/3.8.8 Windows/10 exe/AMD64 prompt/off ". This is the output as of this blog post on windows. > aws configure This command prompts for API credentials and default region. When setting up a new user via IAM console, enable programmatic API access. The access key and secret key are prompted. Note : However, the most concerning thing in this configuration is that the credentials are prompted and are stored in plain text...

Logging into AWS CloudWatch using NLog

Logging into AWS CloudWatch using NLog NLog has a target for writing log messages directly into AWS CloudWatch. Nuget:  AWS.Logger.Nlog URL:  https://github.com/aws/aws-logging-dotnet The configuration is very simple and straightforward. <?xml version="1.0" encoding="utf-8" ?> <nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   throwConfigExceptions="true">   <extensions>     <add assembly="NLog.AWS.Logger" />   </extensions>   <targets>     <target name="aws" type="AWSTarget" logGroup="NLog.ConfigExample" region="us-east-1"/>   </targets>   <rules>     <logger name="*" minlevel="Info" writeTo="aws" />   </rules> </nlog> In the above config snippet, the important part has been emphasized in bold and italics. Include t...

Multi-part Upload to S3 programmatically in .Net using C#

  Multi-part Upload to S3 programmatically in .Net using C# Uploading large files or a batch of thousands of files or continuous backup into S3 can sometimes be problematic using AWS Console. Apart from Storage Gateways, another easier solution is to write just a few lines of code to enable this. Files can be up to a maximum of 5TB in size. But remember that a maximum of 10,000 parts is allowed. You can use other logical scenarios such as based upon certain conditions uploading to a specified bucket or prepending a prefix etc... This blog post specifically shows and discusses some code on how to upload a file as smaller chunks and re-assemble it on the server. This blog post also discusses some useful related functions. The following are the requirements: - A user with programmatic access. Can be created in IAM console and enabling programmatic access. Just download the CSV file, write some code to read the 3rd and 4th columns from the second line in the CSV. These are the SecretKe...