Originally posted by SeanT
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Reply to: Azure hosting or similar
Collapse
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
- You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
- You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
- If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Logging in...
Previously on "Azure hosting or similar"
Collapse
-
Originally posted by Spoiler View PostJust trying to figure out exactly how that would work ...
Spin up a Linux box in Lightsail, and run OpenVPN server on it.
Install OpenVPN client on the Lightsail Windows server and connect to the OpenVPN server.
Then, connect to VPN Server from home PC and run RDP over it.
If the admin account was secured with 2FA, then I'm still reliant on that working okay.
If the admin account isn't 2FA, then this leaves it open to brute force type attacks using direct RDP (not over the VPN).
Unless ... I can restrict an account to only permit logins over the VPN (not sure if that's possible) ???
RD Gateway on 443 open to the world.
RD service itself on 3389 open to localhost (i.e. the gateway service running on the same machine) and to the OpenVPN box.
Normal user access: RD via RD Gateway and Duo
Admin user backdoor: VPN auth with certificate / key, RDP direct to server
Leave a comment:
-
Originally posted by SeanT View PostI'd want an admin back door though (so a free VPN appliance, just for the genuinely administrative users, can be a Linux box for an extra fiver a month or something).
Spin up a Linux box in Lightsail, and run OpenVPN server on it.
Install OpenVPN client on the Lightsail Windows server and connect to the OpenVPN server.
Then, connect to VPN Server from home PC and run RDP over it.
If the admin account was secured with 2FA, then I'm still reliant on that working okay.
If the admin account isn't 2FA, then this leaves it open to brute force type attacks using direct RDP (not over the VPN).
Unless ... I can restrict an account to only permit logins over the VPN (not sure if that's possible) ???
Leave a comment:
-
-
Originally posted by Spoiler View PostThis looks interesting, thanks. Will give it a spin. Pretty sure the app i need to use will work with 2012, possibly 2016. Will test it out.
Main concern now is to secure RDP, but still keep the login process simple(ish) - looking at DUO's 2FA option for RDP ...
Leave a comment:
-
Originally posted by Dante View Posthttps://amazonlightsail.com/
Windows Server:
2 GB Memory
1 Core Processor
50 GB SSD Disk
3 TB Data Transfer*
$30 / £22.95 a month
EDIT: It's Windows 2012 and 2016 only,so you'll have to ensure your s/w runs on it (or go down the Linux + VM route).
Main concern now is to secure RDP, but still keep the login process simple(ish) - looking at DUO's 2FA option for RDP ...
Leave a comment:
-
https://amazonlightsail.com/
Windows Server:
2 GB Memory
1 Core Processor
50 GB SSD Disk
3 TB Data Transfer*
$30 / £22.95 a month
EDIT: It's Windows 2012 and 2016 only,so you'll have to ensure your s/w runs on it (or go down the Linux + VM route).Last edited by Dante; 3 November 2017, 15:54.
Leave a comment:
-
Originally posted by SeanT View PostWhy would you assume this? It's just as likely to be ASP or PHP or worse.
Perhaps a bit of a leap of faith...
Anyway I didn't assume, I presumed....
Leave a comment:
-
BTW Spoiler, just what is the application, could I get it to run in a container for you?
Leave a comment:
-
Originally posted by garethevans1986 View PostAzure isnt mature enough compared to AWS, MS are playing catch up with the tech and try to retro fit services into the cloud rather than designing them cloud first like AWS do. It's a nicer platform to use, better management suite, Azure SDKs are a nightmare between versions as they ALWAYS have breaking changes in.
My current client uses Azure and it's a big huge bag of spanners. Hard limits all over the place which is ridiculous - eg 200 Storage Accounts per subscription, Cloud Services etc. Service Fabric only just coming out on Azure, AWS equivilant Elastic Beanstalk has been around for years.
Gareth
AWS rules the roost on depth and breadth of the services it does offer, but fails on inadequate container orchestration (unless you roll your own), largely un-necessary rebranding of products and vendor lock-in, complicated network stack that's less powerful than the GOOG one, and from what I've seen noisy neighbour issues.
Azure is basically like AWS in many ways - just a little bit less awesome. It's nowhere near as nice to work with, but has good options for M$ shops and of course an awesome AI / data platform with some good USPs mixed in there.
GCP is a bit different - it's not quite as easy to work with as AWS, but the networking and support for container orchestration and a pipeline feeding this is pretty excellent. Add in Cloud Spanner, a world class networking stack, some more AI / ML goodness, good support for open source databases that don't deviate from the original codebase / implementation, and Cloud Console and it's a pretty compelling all rounder. GKE is a bit more limited but it's so nice to be able to use K8S with the hard stuff done for you we'll let them off.
Leave a comment:
-
Originally posted by woohoo View PostI'm interested in the reasons why you prefer aws.
Azure isnt mature enough compared to AWS, MS are playing catch up with the tech and try to retro fit services into the cloud rather than designing them cloud first like AWS do. It's a nicer platform to use, better management suite, Azure SDKs are a nightmare between versions as they ALWAYS have breaking changes in.
My current client uses Azure and it's a big huge bag of spanners. Hard limits all over the place which is ridiculous - eg 200 Storage Accounts per subscription, Cloud Services etc. Service Fabric only just coming out on Azure, AWS equivilant Elastic Beanstalk has been around for years.
Gareth
Leave a comment:
-
Presumably the server end is just a WAR file deployed on JBoss or Websphere, can u not drop it on Linux?
Leave a comment:
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Secondary NI threshold sinking to £5,000: a limited company director’s explainer Dec 24 09:51
- Reeves sets Spring Statement 2025 for March 26th Dec 23 09:18
- Spot the hidden contractor Dec 20 10:43
- Accounting for Contractors Dec 19 15:30
- Chartered Accountants with MarchMutual Dec 19 15:05
- Chartered Accountants with March Mutual Dec 19 15:05
- Chartered Accountants Dec 19 15:05
- Unfairly barred from contracting? Petrofac just paid the price Dec 19 09:43
- An IR35 case law look back: contractor must-knows for 2025-26 Dec 18 09:30
- A contractor’s Autumn Budget financial review Dec 17 10:59
Leave a comment: