Network misconfigurations

Security group allows ingress predefined blocked ports

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

HITRUST, ISO/IEC 27001, Mitre ATT&CK v12, New Zealand Information Security Manual, NIST 800-171, Orca Best Practices, UK Cyber Essentials

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound traffic to predefined blocked ports (21,22,135,137-139,445,69) Open ports: [{AwsEc2SecurityGroup.SgIpPermissions.PortRange}].
  • Recommend icon

    Recommended Mitigation

    Ensure security groups in your account are not configured to allow inbound traffic to predefined blocked ports (21,22,135,137-139,445,69). More details can be found in <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html</a>

Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo