Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to NetBIOS port 139

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

NetBIOS port 139 is used for Network file sharing and shared printer in the LAN. Allowing inbound traffic from all external IP addresses to NetBIOS ports can be risky as your shared resources are exposed over the public internet. It is a best practice to block port 139 completely.
  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.