CloudFront 支援 JA3 資訊 (SSL/TLS fingerprint)
source link: https://blog.gslin.org/archives/2022/11/19/10962/cloudfront-%e6%94%af%e6%8f%b4-ja3-%e8%b3%87%e8%a8%8a-ssl-tls-fingerprint/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
CloudFront 支援 JA3 資訊 (SSL/TLS fingerprint)
看到 CloudFront 宣佈支援帶入 JA3 資訊了:「Amazon CloudFront now supports JA3 fingerprint headers」:
Details: Amazon CloudFront now supports Cloudfront-viewer-ja3-fingerprint headers, enabling customers to access incoming viewer requests’ JA3 fingerprints. Customers can use the JA3 fingerprints to implement custom logic to block malicious clients or allow requests from expected clients only.
JA3 的頁面上可以看到說明,針對 SSL/TLS 這個複雜的 handshake 過程中,就可以從中得知不同的 client 實做,比起容易偽造的 User-agent 有效:
JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
像是 Tor 的 SSL/TLS 連線就會有對應的 fingerprint 可以偵測:
JA3 fingerprint for the standard Tor client:
e7d705a3286e19ea42f587b344ee6865
先前在「修正 Curl 的 TLS handshake,避開 bot 偵測機制」裡面提到的 curl-impersonate 就是反制這類偵測的方式。
Related
CloudFront 支援 TLS 1.3
看到 AWS 的公告,宣佈 CloudFront 支援 TLS 1.3:「Amazon CloudFront announces support for TLSv1.3 for viewer connections」。 預設會自動啟用: TLSv1.3 is available today and enabled by default across all Amazon CloudFront security policies options. No additional changes are required to your CloudFront configuration to benefit from the security and performance improvements of TLSv1.3…
September 4, 2020In "AWS"
AWS 也推出免費的 SSL Certificate 給 ELB 與 CloudFront 用了
AWS 推出免費的 SSL Certificate 服務 AWS Certificate Manager:「New – AWS Certificate Manager – Deploy SSL/TLS-Based Apps on AWS」。 目前宣佈只有在 us-east-1 可以用,不過實際測試會發現包括 CloudFront。 AWS Certificate Manager (ACM) is available now in the US East (Northern Virginia) region, with additional regions in the works. You can provision, deploy, and renew certificates at…
January 22, 2016In "AWS"
Amazon CloudFront 的 HTTP/2
Amazon CloudFront 總算是支援 HTTP/2 了:「New – HTTP/2 Support for Amazon CloudFront」。 比較需要注意的是,CloudFront 所用到的 Certificate Manager 必須開在美西的 us-east-1 才能讓 CloudFront 吃到設定,剛剛誤開在 us-west-2 上,結果回到 CloudFront 頁面上沒找到... 不過 CloudFront 的問題還是在於 latency 不穩定,HTTP/2 應該是可以降低 latency 不穩定帶來的影響,但畢竟還是有影響...
September 8, 2016In "AWS"
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK