AWS-EC2-Open-VNC-Client

Severity: High

Description: This controls ensures that no security group allows ingress from 0.0.0.0/0 to TCP port 5500 for VNC Client. Security groups provide stateful filtering ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to TCP port 5500 for VNC Client.

Remediation Steps:

Perform following to update security group:

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to VPC console.

3. In the left pane, click Security Groups.

4. Select the security group reported.

5. Click the Inbound Rules tab.

6. Click Edit rules.

7. Identify the rules to be removed.

8. Click the x in the Remove column.

9. Click Save rules.

Important:

• Remediating may result in user losing some connection whose IP is not whitelisted in rules.

Reference:

• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#deleting-security-group-rule