Remote Desktop Port Open To Internet

  • Query id: eda7301d-1f3e-47cf-8d4e-976debc64341
  • Query name: Remote Desktop Port Open To Internet
  • Platform: Ansible
  • Severity: High
  • Category: Networking and Firewall
  • URL: Github

Description

The Remote Desktop port is open to the internet in a Security Group
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
- name: example ec2 group1
  amazon.aws.ec2_group:
    name: example
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        from_port: 3380
        to_port: 3450
        cidr_ip: 0.0.0.0/0

- name: example ec2 group2
  amazon.aws.ec2_group:
    name: example2
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        ports: 3389
        cidr_ip: 0.0.0.0/0

- name: example ec2 group3
  amazon.aws.ec2_group:
    name: example3
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        ports: 3380-3450
        cidr_ip: 0.0.0.0/0

- name: example ec2 group4
  amazon.aws.ec2_group:
    name: example4
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        ports:
          - 80
          - 3380-3450
        cidr_ip: 0.0.0.0/0

- name: example ec2 group5
  amazon.aws.ec2_group:
    name: example5
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        ports:
          - 3389
          - 10-50
        cidr_ip: 0.0.0.0/0

- name: example ec2 group6
  amazon.aws.ec2_group:
    name: example1
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        from_port: -1
        to_port: 25
        cidr_ip: 0.0.0.0/0

- name: example ec2 group7
  amazon.aws.ec2_group:
    name: example1
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
      - proto: tcp
        from_port: 15
        to_port: -1
        cidr_ip: 0.0.0.0/0

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: example ec2 group1
  amazon.aws.ec2_group:
    name: example
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      from_port: 3380
      to_port: 3450
      cidr_ip: 0.0.0.0/1

- name: example ec2 group2
  amazon.aws.ec2_group:
    name: example2
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      ports: 3389
      cidr_ip: 0.0.1.0/0

- name: example ec2 group3
  amazon.aws.ec2_group:
    name: example3
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      ports: 3380-3450
      cidr_ip: 0.1.0.0/0

- name: example ec2 group4
  amazon.aws.ec2_group:
    name: example4
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      ports:
      - 80
      - 3380-3450
      cidr_ip: 10.0.0.0/0

- name: example ec2 group5
  amazon.aws.ec2_group:
    name: example5
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      ports:
      - 3389
      - 10-50
      cidr_ip: 10.0.0.0/0

- name: example ec2 group6
  amazon.aws.ec2_group:
    name: example1
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      from_port: -1
      to_port: 25
      cidr_ip: 0.1.0.0/0

- name: example ec2 group7
  amazon.aws.ec2_group:
    name: example1
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    aws_secret_key: SECRET
    aws_access_key: ACCESS
    rules:
    - proto: tcp
      from_port: 15
      to_port: -1
      cidr_ip: 0.0.0.1/0