Free Assessment

Amazon_EC2_36

Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote server administration ports

Description

The Network Access Control List (NACL) function provide stateless filtering of ingress and egress network traffic to AWS resources. It is recommended that no NACL allows unrestricted ingress access to remote server administration ports, such as SSH to port 22 and RDP to port 3389.

Remediation

Perform the following in the AWS Management Console:
1. Login to the AWS Management Console at https://console.aws.amazon.com/vpc/home

2. In the left pane, click Network ACLs.

3.For each network ACL to remediate, perform the following:

  • Select the network ACL
  • Click the Inbound Rules tab
  • Click Edit inbound rules
  • Either A) update the Source field to a range other than 0.0.0.0/0, or, B) Click Delete to remove the offending inbound rule
  • Click Save

Service

EC2

Severity

Medium

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More