asked on

Amazon EC2 - Security Group Settings

I've already modified security settings on my EC2 instance and have gotten what I wanted from doing that (ability to ping and ability to reach the instance via my browser) but I've probably opened the security settings to broadly and compromised security of the instance. I've attached screen shots of the settings, can you help with this?
EC2-Security-Settings.docx

Zephyr ICT

For starters I'd definitely remove the All TCP ports inbound rule ... That's very unsafe!

cbridgman

ASKER

The reason that I put the TCP ports thing in there is that I have installed websphere on the server and deployed a web-based application on it. Now that it is there, I need to be able to access that application's user interface through a browser from any PC I'm on. Before adding the ALL TCP entry, I was unable to do that. Once I added it, I was able to access the application via a browser.

Is there another or better way to do that?

Zephyr ICT

Yeah ... There should be, find out which ports websphere is using and the other applications, maybe you can use netstat to find out which ports are open when you're using the application?

in a command window type "netstat -an" for example ...

For the record, these are all the ports websphere is using apparently: http://publib.boulder.ibm.com/infocenter/wsdoc400/v6r0/index.jsp?topic=/com.ibm.websphere.iseries.doc/info/ae/ae/adrportbase.htm

I'd start with configuring these instead of the all TCP ports.

cbridgman

ASKER

Okay, I will give that a try. I really am a novice at this kind of stuff so your assistance is really appreciated. I will let you know how that goes.

ASKER CERTIFIED SOLUTION

Zephyr ICT

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

cbridgman

ASKER

RDP solution works like a charm.

Thanks for the expert help.