Skip to main content

💼 [EC2.21] Network ACLs should not allow ingress from 0.0.0.0/0 to port 22 or port 3389

Contextual name: 💼 [EC2.21] Network ACLs should not allow ingress from 0.0.0.0/0 to port 22 or port 3389
ID: /frameworks/aws-fsbp-v1.0.0/ec2/21
Located in: 💼 Elastic Compute Cloud (EC2)

Description

Access to remote server administration ports, such as port 22 (SSH) and port 3389 (RDP), should not be publicly accessible, as this may allow unintended access to resources within your VPC.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-21
Internal
- ID: dec-c-5c49db5a

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows		35	39
💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks			15
💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration	7		13
💼 NIST SP 800-53 Revision 5 → 💼 CM-2(2) Baseline Configuration _ Automation Support for Accuracy and Currency			13
💼 NIST SP 800-53 Revision 5 → 💼 CM-7 Least Functionality	9		11
💼 NIST SP 800-53 Revision 5 → 💼 SC-7 Boundary Protection	29	5	33
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(5) Boundary Protection _ Deny by Default — Allow by Exception		5	19
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(21) Boundary Protection _ Isolation of System Components			16
💼 PCI DSS v4.0.1 → 💼 1.3.1 Inbound traffic to the CDE is restricted.			14

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS VPC Network ACL exposes admin ports to public internet ports 🟢	1	🟢 x6

Description
Similar
Similar Sections (Give Policies To)
Sub Sections
Policies (1)