Network misconfigurations

AWS EC2 instance allows public ingress access on FTP port 21

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

FTP (File Transfer Protocol) port - 21 is used to transfer data between the client and the server. Allowing inbound traffic from all external IP addresses to FTP port makes it vulnerable to FTP brute force attack, Packet Sniffing using Man-In-The-Middle (MITM) attack. It is a best practice to restrict access from specific IP addresses to port 21.
  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.