Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to SMB port 445

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

SMB (Server Message Block) Port - 445 is used for file sharing and TCP/IP networking on Windows 2000 and later versions. Allowing inbound traffic from all IP addresses to Port 445 can make it vulnerable to WannaCry exploit on Microsoft Endpoints. It is a best practice to block port 445 from the public internet.
  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.