Description

A security group controls and limits the network access to your VPC or resource. RDP (Remote Desktop Protocol) port - 3389 is used to get remote control access to Windows instances. Allowing inbound traffic from all external IP addresses to RDP port is vulnerable to remote code execution, privilege elevation and flooding attack. It is a best practice to restrict access from specific IP addresses to port 3389. We have found that the instance {AliCloudEcsInstance} enables unlimited remote connection access through the Internet.
  • Recommended Mitigation

    Review your security group permissions. If RDP access is required for your needs, limit it to a specific IP address.