How to find which app is running a TOR inside my server
I really hope someone can help. I have a tor running inside one of my servers (reported by AWS guard) and I have no idea how can I trace it to which application is running the tor socket?
attached is the report from aws so I can see the IP and port
any assistance is appreciated
If your website is public, expose it to internet through AWS CloudFront. Also you can put it behind AWS WAF. This is the best way to secure your website, leave the heavy lifting to AWS and you can focus on your own business functional requirements.
Besides security, using AWS CloudFront has other advantages, such as protection against DDoS attacks, lower latency for end-users and lower prices, as most requests can get responses out of CloudFront edge cache and don't need to travel all the way to your origin servers.
In summary, consider changing your architecture to include following:
- AWS CloudFront
- AWS WAF
- AWS Shield