Unrestricted access between network segments - AWS
Description
The infrastructure definition for network segments in the AWS context is too permissive.
Impact
- Expose resources, processes and sensitive information that could be compromised.
- Accept incoming or outgoing connections that should be restricted by design.
Recommendation
Limit network segments, ports, IP addresses, network protocols, and administrative services only to the required users.
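As an added example (not part of this page or of the rule set it lists), a small Python checker for the conditions several of the listed rules name: administrative ports, full port ranges, or all IP protocols reachable from 0.0.0.0/0 or ::/0. The input follows the EC2 IpPermissions structure; the set of administrative ports and the sample security group are assumptions.

```python
import ipaddress

# Ports this checker treats as administrative (assumption; extend as needed).
ADMIN_PORTS = {22, 3389, 5900, 1433, 3306, 5432}

def _is_unrestricted(cidr):
    """True when the CIDR admits the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def _cidrs(rule):
    """Yield every CIDR an EC2 IpPermissions entry grants access to."""
    for r in rule.get("IpRanges", []):
        yield r["CidrIp"]
    for r in rule.get("Ipv6Ranges", []):
        yield r["CidrIpv6"]

def check_rule(rule):
    """Findings for one ingress entry; an empty list means nothing to report."""
    open_cidrs = ", ".join(c for c in _cidrs(rule) if _is_unrestricted(c))
    if not open_cidrs:
        return []
    proto = str(rule.get("IpProtocol", "-1"))
    if proto == "-1":  # AWS encodes "all protocols" as -1, with no port range
        return [f"all IP protocols open to {open_cidrs}"]
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if lo is None or hi is None:  # e.g. ICMP entries carry type/code, not ports
        return []
    if lo == 0 and hi == 65535:
        return [f"all {proto} ports open to {open_cidrs}"]
    return [f"admin port {p}/{proto} open to {open_cidrs}"
            for p in sorted(ADMIN_PORTS) if lo <= p <= hi]

def check_security_group(sg):
    """Flatten findings over every ingress entry of one security group."""
    return [f for rule in sg.get("IpPermissions", []) for f in check_rule(rule)]

# Constructed sample mirroring describe-security-groups output; not a real group.
SAMPLE_SG = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},          # SSH from anywhere
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},          # public HTTPS: expected
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},  # everything
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/24"}]},        # SSH from one subnet
    ],
}
```

Running `check_security_group(SAMPLE_SG)` reports the world-open SSH entry and the all-protocols IPv6 entry, and stays silent on the public HTTPS port and the subnet-restricted SSH entry.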
Threat
Anonymous attacker from the Internet.
Expected Remediation Time
⏱️ 120 minutes.
Requirements
255 - Allow access only to the necessary ports
Rules
- Aws Admin Ports Open
- Aws Default Allows All Traffic
- Aws All Ports Open Public
- Aws Rfc1918 Ip Ranges
- Aws Allow All Ingress
- Aws Allow All Egress
- Aws Unrestricted Broker Access
- Aws Unrestricted Ip Protocols
- Aws Unrestricted Ftp Access
- Aws Insecure Port Ranges
- Aws Unrestricted Cidr
- Aws Anonymous Access
- Aws Unrestricted Dns Access
- Aws Unrestricted Cidrs
- Json Yaml Unrestricted Dns Port 53
- Json Yaml Security Group Unrestricted Ports
- Json Yaml All Outbound Traffic Allowed
- Json Yaml All Protocols Allowed
- Json Yaml Unrestricted Ftp Access
- Terraform Unrestricted Dns Access
- Terraform Admin Ports Open To World
- Json Yaml Security Group Rfc1918 Cidr
- Json Yaml Open All Ports To Public
- Terraform All Ports Open To World
- Terraform Open All Ports To Public
- Terraform Unrestricted Ip Protocols
- Json Yaml Unrestricted Cidrs In Security Group
- Terraform Security Group Unrestricted Ports
- Terraform Unrestricted Ftp Access
- Terraform Security Group Open Cidrs
- Json Yaml Admin Ports Open To World
Fixes