Azure virtual machine with Windows distribution allows direct public NetBios session service access

Network misconfigurations

Azure virtual machine with Windows distribution allows direct public NetBios session service access

Platform(s)

Compliance Frameworks

CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

NetBIOS provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. Port 139 is using for session service - connection-oriented communication. This port is open on your Windows virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices and decrease the risk for malicious activities, you should restrict access to be only from allowed IP addresses.

Recommended Mitigation

Configure networking rule to allow incoming NetBIOS traffic from allowed IP addresses only.

Azure virtual machine with Windows distribution allows direct public NetBios session service access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS