Network misconfigurations

ECS instance with RDP internet access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

A security group controls and limits the network access to your VPC or resource. SSH (port 22) allows remote connection to your instance. Therefore, it is not recommended to allow access from the internet to this port, and limit it using a security group with permission to specific addresses. By default, AliCloud enables SSH access in order to let you connect to your resource. We have found that the instance {AliCloudEcsInstance} enables unlimited remote connection access through the internet.
  • Recommended Mitigation

    Review your security group permissions. If RDP access is required for your needs, limit it to a specific IP address.