Score:0

Linux: How to allow outbound rules for security updates


We use AWS EC2 instances with the 'AWS Linux AMI 2' image.

We have a script for security updates with this code: yum update -y --security.

I want to allow only security updates in the outbound rules of the AWS security group. Can someone tell me what the port + IP is? If it has a specific IP... I think the port is HTTP 80, since it works after I add it.

Roid
It's not possible (I think it is complicated): you need to know every domain or possible domain, but you can secure the command using sudo, for example, to protect against an unauthorized user executing the yum command.
user2503775
I talked about the security group (I will have to open the instance with rule 80 to everyone!); the script itself is available only with sudo.
Score:0

According to AWS recommendations, you should allow outbound HTTP & HTTPS traffic to the internet from the security group attached to the EC2 instance, in order to allow security updates.

REFERENCE: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html#:~:text=DBServerSG%20security%20group.-,0.0.0.0/0,Allow%20outbound%20HTTPS%20access%20to%20any%20IPv4%20address.,-The%20following%20table

AWS Security Group - Outbound Rule recommendation
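
As an added example (not part of the answer above, and not AWS's own code): a Python check that flags any outbound rule wider than the TCP 80 and 443 the answer recommends, run over JSON in the shape printed by `aws ec2 describe-security-groups`. The group IDs and rules in `SAMPLE` are constructed for illustration.

```python
import json

ALLOWED_PORTS = {80, 443}  # HTTP and HTTPS, the two outbound ports the answer recommends

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example0default", "IpPermissionsEgress": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-0example0updates", "IpPermissionsEgress": [
     {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-0example0range", "IpPermissionsEgress": [
     {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
     {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "10.0.0.2/32"}]}]}
]}
""")

def destinations(rule):
    """Every destination a rule names: IPv4/IPv6 CIDRs, prefix lists, other groups."""
    return ([r["CidrIp"] for r in rule.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            + [p["PrefixListId"] for p in rule.get("PrefixListIds", [])]
            + [g["GroupId"] for g in rule.get("UserIdGroupPairs", [])])

def audit_egress(group):
    """Return findings for egress rules wider than single-port TCP 80 or 443."""
    findings = []
    for rule in group.get("IpPermissionsEgress", []):
        proto = rule["IpProtocol"]
        lo, hi = rule.get("FromPort"), rule.get("ToPort")
        if proto == "-1":  # the default "allow all outbound" rule
            why = "all protocols and ports"
        elif proto not in ("tcp", "6"):
            why = f"protocol {proto} ports {lo}-{hi}"
        elif lo != hi or lo not in ALLOWED_PORTS:  # a range such as 80-443 opens every port between
            why = f"tcp ports {lo}-{hi}"
        else:
            continue  # exactly TCP 80 or TCP 443
        findings.append(f"{group['GroupId']}: {why} to {', '.join(destinations(rule))}")
    return findings

def audit(doc):
    """Map each group ID to its list of findings (empty list means it matches the recommendation)."""
    return {g["GroupId"]: audit_egress(g) for g in doc["SecurityGroups"]}

if __name__ == "__main__":
    for gid, found in audit(SAMPLE).items():
        print(gid, "OK" if not found else found)
```

To check a real group, pass the parsed output of `aws ec2 describe-security-groups --group-ids <your-group-id>` to `audit()` instead of `SAMPLE`.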
