Severity: High

Description: This control ensures that no Network ACLs allow ingress from 0.0.0.0/0 to port 22. It is recommended that no NACL allows unrestricted ingress access to port 22. Public access to port 22 increases the resource attack surface and unnecessarily raises the risk of resource compromise.

Remediation Steps:

Perform the following to modify the network ACL for the VPC:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the VPC console.

  3. In the left pane, click Network ACLs.

  4. Select the network ACL to be updated.

  5. Click the Inbound Rules tab.

  6. Click Edit inbound rules.

  7. For the rule that allows ingress from 0.0.0.0/0 to port 22, either update the Source field to a range other than 0.0.0.0/0 or click Delete to remove the inbound rule.

  8. Click Save.
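
To locate the rules that step 7 refers to across many network ACLs, the following added example (not part of the original page) scans JSON in the shape returned by `aws ec2 describe-network-acls`. The sample data, the ACL IDs and the function names are constructed for illustration; the example assumes SSH means TCP port 22 and marks an allow entry as shadowed when a lower-numbered deny for the same source and port is evaluated first.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-network-acls` output.
SAMPLE = json.loads("""
{"NetworkAcls": [
  {"NetworkAclId": "acl-EXAMPLE1", "Entries": [
    {"RuleNumber": 100, "Egress": false, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}},
    {"RuleNumber": 32767, "Egress": false, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"}]},
  {"NetworkAclId": "acl-EXAMPLE2", "Entries": [
    {"RuleNumber": 90, "Egress": false, "Protocol": "6", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}},
    {"RuleNumber": 100, "Egress": false, "Protocol": "-1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": true, "Protocol": "-1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0"}]},
  {"NetworkAclId": "acl-EXAMPLE3", "Entries": [
    {"RuleNumber": 100, "Egress": false, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "203.0.113.0/24", "PortRange": {"From": 22, "To": 22}}]}
]}
""")

def covers_ssh(entry):
    """True if an inbound 0.0.0.0/0 entry matches TCP port 22."""
    if entry["Egress"] or entry.get("CidrBlock") != "0.0.0.0/0":
        return False
    if entry["Protocol"] == "-1":  # "-1" = all protocols, all ports
        return True
    ports = entry.get("PortRange", {})  # "6" = TCP
    return entry["Protocol"] == "6" and ports.get("From", 0) <= 22 <= ports.get("To", 65535)

def find_open_ssh(acls):
    """Return (acl_id, rule_number, shadowed) for each offending allow entry."""
    findings = []
    for acl in acls["NetworkAcls"]:
        denied = False  # becomes True once a lower-numbered deny matches
        for e in sorted(acl["Entries"], key=lambda e: e["RuleNumber"]):
            if not covers_ssh(e):
                continue
            if e["RuleAction"] == "allow":
                findings.append((acl["NetworkAclId"], e["RuleNumber"], denied))
            else:
                denied = True
    return findings

if __name__ == "__main__":
    for acl_id, rule, shadowed in find_open_ssh(SAMPLE):
        print(acl_id, rule, "shadowed by earlier deny" if shadowed else "effective")
```

An entry reported as shadowed does not currently pass traffic, but it becomes effective if the earlier deny is ever removed, so it is still worth cleaning up.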

Important:

Reference:
