Network misconfigurations

AWS EC2 instance allows public ingress access on SMB port 445

Platform(s)
Compliance Frameworks

CCPA, Data Security Posture Management (DSPM) Best Practices, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, UK Cyber Essentials

Description

Port 445 is used by SMB (Server Message Block) for file sharing and TCP/IP networking on Windows 2000 and later versions. Allowing inbound traffic from all IP addresses to port 445 can leave the instance vulnerable to the WannaCry exploit on Microsoft endpoints. It is a best practice to block port 445 from the public internet.
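One way to check for this condition, as an added example that is not the vendor's detection logic: it assumes the input is shaped like the `SecurityGroups` list returned by EC2 `DescribeSecurityGroups`, and the function names and sample group IDs are constructed for illustration. It also catches port ranges that include 445, all-protocol rules, and IPv6 `::/0`.

```python
import ipaddress

SMB_PORT = 445

def _is_any_address(cidr):
    """True for 0.0.0.0/0 or ::/0, i.e. any CIDR with prefix length 0."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False

def _covers_smb(perm):
    """True if the ingress rule's protocol and port range include TCP 445."""
    proto = str(perm.get("IpProtocol", ""))
    if proto == "-1":  # all protocols; the rule carries no port range
        return True
    if proto not in ("tcp", "6"):
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo is not None and hi is not None and lo <= SMB_PORT <= hi

def public_smb_findings(security_groups):
    """Return (group_id, cidr) for every rule opening port 445 to all addresses."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            if not _covers_smb(perm):
                continue
            cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
            findings += [(sg.get("GroupId"), c) for c in cidrs
                         if c and _is_any_address(c)]
    return findings

# Constructed sample data (not taken from a real account).
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-exact", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 400, "ToPort": 500,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-example-allproto", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-example-internal", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-example-https", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
```
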