Network misconfigurations

AWS EC2 instance allows public ingress access on RPC port 135


Remote Procedure Call (RPC) protocol provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on another remote system. Using RPC protocol an attacker can take any action on your system, like installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. It is a best practice to block RPC port 135 from the public internet.