Network misconfigurations

AWS EC2 instance allows public ingress access on RPC port 135

Platform(s)
Compliance Frameworks
  • CCPA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • Mitre ATT&CK
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices
  • ,
  • UK Cyber Essentials

Description

Remote Procedure Call (RPC) protocol provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on another remote system. Using RPC protocol an attacker can take any action on your system, like installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. It is a best practice to block RPC port 135 from the public internet.