Network misconfigurations

AWS EC2 instance allows public ingress access on SMB port 445

Platform(s)
Compliance Frameworks
  • CCPA
  • Data Security Posture Management (DSPM) Best Practices
  • MITRE ATT&CK
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-53
  • Orca Best Practices
  • UK Cyber Essentials

Description

Port 445 is the SMB (Server Message Block) port, used for file sharing and TCP/IP networking on Windows 2000 and later versions. Allowing inbound traffic to port 445 from all IP addresses can leave the instance vulnerable to the WannaCry exploit on Microsoft endpoints. It is a best practice to block port 445 from the public internet.
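
One way to check for this condition, as an added example (not Orca's own detection logic): the function below flags security group ingress rules that open TCP 445 to 0.0.0.0/0 or ::/0, including rules that cover 445 through a port range or an all-traffic rule. It assumes input in the shape of `aws ec2 describe-security-groups` output; the function names and the sample groups are constructed for illustration.

```python
import ipaddress

SMB_PORT = 445

def is_all_addresses(cidr):
    # 0.0.0.0/0 and ::/0 are the only ranges with prefix length 0.
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def covers_smb(perm):
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= SMB_PORT <= perm.get("ToPort", 65535)

def public_smb_findings(security_groups):
    """Return (GroupId, CIDR) for each ingress rule opening TCP 445 to all IPs."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            if not covers_smb(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(sg["GroupId"], c) for c in cidrs if is_all_addresses(c)]
    return findings

def _sg(gid, proto, lo, hi, v4=(), v6=()):
    # Builds constructed sample data in the describe-security-groups shape.
    perm = {"IpProtocol": proto,
            "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}
    if lo is not None:
        perm.update(FromPort=lo, ToPort=hi)
    return {"GroupId": gid, "IpPermissions": [perm]}

SAMPLE_GROUPS = [  # constructed, not real resources
    _sg("sg-example-1", "tcp", 445, 445, v4=["0.0.0.0/0"]),   # exact port, public
    _sg("sg-example-2", "tcp", 445, 445, v4=["10.0.0.0/8"]),  # internal range only
    _sg("sg-example-3", "tcp", 0, 1024, v6=["::/0"]),         # range containing 445
    _sg("sg-example-4", "-1", None, None, v4=["0.0.0.0/0"]),  # all-traffic rule
    _sg("sg-example-5", "tcp", 443, 443, v4=["0.0.0.0/0"]),   # different port
]

if __name__ == "__main__":
    for group_id, cidr in public_smb_findings(SAMPLE_GROUPS):
        print(f"{group_id}: TCP {SMB_PORT} open to {cidr}")
```

Rules that reach port 445 only through a wide port range or an all-traffic entry are easy to miss when searching for the literal port number, so the check evaluates range membership rather than equality.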