Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to FTP port 20

Platform(s)
Compliance Frameworks
  • CCPA
  • Mitre ATT&CK
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-53
  • Orca Best Practices
  • UK Cyber Essentials

Description

FTP (File Transfer Protocol) port 20 is used to set up an FTP connection between the client and the server. Allowing inbound traffic from all external IP addresses to the FTP port exposes it to FTP brute-force attacks and to packet sniffing through man-in-the-middle (MITM) attacks. It is a best practice to restrict access to port 20 to specific IP addresses.
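
One way to check for this condition, as an added example that is not Orca's rule logic: it flags load balancers whose security groups admit 0.0.0.0/0 or ::/0 to TCP port 20, including port ranges and all-protocol rules that cover it. It assumes records shaped like the output of the EC2 DescribeSecurityGroups and ELB DescribeLoadBalancers APIs; the function names and sample data are constructed for illustration.

```python
import ipaddress

FTP_PORT = 20  # port named by this rule

def _world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def open_ftp_rules(group, port=FTP_PORT):
    """Return world-open CIDRs of ingress rules that reach `port` over TCP."""
    hits = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":  # all protocols implies all ports
            covers = True
        elif proto in ("tcp", "6"):
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            covers = lo is not None and hi is not None and lo <= port <= hi
        else:
            covers = False
        if covers:
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            hits += [c for c in cidrs if _world_open(c)]
    return hits

def flag_load_balancers(load_balancers, groups_by_id):
    """Map load balancer name -> world-open CIDRs that expose port 20."""
    findings = {}
    for lb in load_balancers:
        hits = []
        for sg_id in lb.get("SecurityGroups", []):
            hits += open_ftp_rules(groups_by_id.get(sg_id, {}))
        if hits:
            findings[lb["LoadBalancerName"]] = sorted(set(hits))
    return findings

# Constructed sample data, not real resources.
SAMPLE_GROUPS = {
    "sg-open": {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": 20, "ToPort": 21,
        "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    "sg-limited": {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": 20, "ToPort": 20,
        "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    "sg-all": {"IpPermissions": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
}
SAMPLE_LBS = [{"LoadBalancerName": "lb-ftp", "SecurityGroups": ["sg-open"]},
              {"LoadBalancerName": "lb-ok", "SecurityGroups": ["sg-limited"]},
              {"LoadBalancerName": "lb-any", "SecurityGroups": ["sg-all"]}]

if __name__ == "__main__":
    print(flag_load_balancers(SAMPLE_LBS, SAMPLE_GROUPS))
```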