Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to RPC port 135

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Remote Procedure Call (RPC) protocol provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on another remote system. Using RPC protocol, an attacker can take any action on your system, like installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. It is a best practice to block RPC port 135 from the public internet.
  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.