Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to FTP port 21


FTP (File Transfer Protocol) port - 21 is used to transfer data between the client and the server. Allowing inbound traffic from all external IP addresses to FTP port makes it vulnerable to FTP brute force attack, Packet Sniffing using Man-In-The-Middle (MITM) attack. It is a best practice to restrict access from specific IP addresses to port 21.
  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.