Amazon EC2 - S3 Questions

[raffi at flossyourmind.com (Raffi Jamgotchian)]

Other than using whatever tools you have to secure the O/S that sits  
on EC2, not much else right now. My guess is that Amazon forbids pen- 
testing against its infrastructure as part of the terms of service.  A  
company large enough, may be able to get that allowed. I don't know if  
Amazon has released any information regarding security audits or code  
review done against the EC2 base

On Dec 23, 2008, at 1:22 AM, Arch Angel wrote:

> Hello Everyone,
>
> I just had a client ask me to setup an Instance in Amazon EC2 to be  
> the platform for a web site site that will ultimately be a place  
> were up and coming artists auction off their work.  This site will  
> include members sections with profiles, galleries, a shopping cart,  
> most like a forum at some point and the more I read into Amazon EC2  
> or other technologies such as this cloud computing I begin to  
> question its security and the safety of the users.
>
> What are everyone's thoughts on this cloud computing?
>
> Do we know of any vulnerabilities with this technology?
>
> Suggestions to best secure a site such as this on a cloud computed  
> platform?
>
> Thanks everyone!!!
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com