Amazon_VPC_2

Ensure no security groups allow ingress from 0.0.0.0/0 to port 3389

Description

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 3389.

Remediation

From Console:
1. Sign in to the AWS Management Console.
2. Navigate to the VPC dashboard at https://console.aws.amazon.com/vpc/.
3. In the left navigation, select Security Groups.
4. Select the security group that needs to be updated, click the Inbound Rules tab, and click Edit rules.
5. Remove any rules that include port 3389 and have a source of 0.0.0.0/0.
6. Click Save.

From AWS CLI:
List all security groups with an ingress rule from 0.0.0.0/0 using the following command (this filter matches any rule open to 0.0.0.0/0, not only port 3389, so review each listed group's inbound rules before revoking):
aws ec2 describe-security-groups --filters Name=ip-permission.cidr,Values='0.0.0.0/0' --query "SecurityGroups[*].{Name:GroupName,ID:GroupId}"
Remove the rule using the following command (the protocol and port must match the existing rule exactly for the revoke to take effect):
aws ec2 revoke-security-group-ingress --group-id <group-id> --protocol <protocol> --port 3389 --cidr 0.0.0.0/0
Optionally add a more restrictive ingress rule to the selected security group using the following command:
aws ec2 authorize-security-group-ingress --region <region> --group-name <group-name> --protocol <protocol> --port 3389 --cidr <trusted-cidr>
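The CLI filter above lists every group with any 0.0.0.0/0 rule; the check below, an added example that is not part of this page, narrows that to rules that actually expose port 3389. It evaluates the IpPermissions shape returned by describe-security-groups offline, and also treats IpProtocol "-1" (all traffic, no port fields), port ranges that include 3389, and the IPv6 equivalent ::/0 as violations (the ::/0 handling goes beyond the page's 0.0.0.0/0 wording). Group IDs and rules in SAMPLE are constructed.

```python
# Flags security group ingress rules exposing port 3389 to the world. Works on
# the SecurityGroups[].IpPermissions[] shape returned by
# `aws ec2 describe-security-groups`, so a saved CLI dump can be checked offline.
PORT = 3389
OPEN_CIDRS = ("0.0.0.0/0", "::/0")  # ::/0 is the IPv6 "anywhere" (generalization)


def rule_covers_port(perm, port=PORT):
    """True if an IpPermissions entry allows traffic to `port`.
    IpProtocol "-1" (all traffic) carries no FromPort/ToPort and covers
    every port; otherwise the inclusive FromPort..ToPort range decides."""
    if perm.get("IpProtocol") == "-1":
        return True
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo is not None and hi is not None and lo <= port <= hi


def open_sources(perm):
    """Unrestricted CIDRs (v4 and v6) attached to one rule."""
    cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in OPEN_CIDRS]


def find_open_port(groups, port=PORT):
    """Return (GroupId, IpProtocol, source CIDR) for every violating rule."""
    hits = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            if rule_covers_port(perm, port):
                for cidr in open_sources(perm):
                    hits.append((sg["GroupId"], perm["IpProtocol"], cidr))
    return hits


# Constructed sample in the describe-security-groups output shape.
SAMPLE = [
    {"GroupId": "sg-0aaa", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3389,
        "ToPort": 3389, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [{"IpProtocol": "-1",
        "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},  # all traffic, no ports
    {"GroupId": "sg-0ccc", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3000,
        "ToPort": 4000, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},  # range covers 3389
    {"GroupId": "sg-0ddd", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3389,
        "ToPort": 3389, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},  # restricted: fine
]

if __name__ == "__main__":
    for group_id, proto, cidr in find_open_port(SAMPLE):
        print(f"VIOLATION {group_id} proto={proto} source={cidr}")
```

Feed it the output of `aws ec2 describe-security-groups --output json` (the `SecurityGroups` list) to audit an account; each hit gives the group ID and protocol needed for the revoke command above.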

References:
1. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html#AddRemoveRules
2. https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-security-groups.html#updating-security-group-rules
3. https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-groups.html
4. https://docs.aws.amazon.com/cli/latest/reference/ec2/revoke-security-group-ingress.html

Service

VPC

Severity

High

Compliance

Mapping
