Remote Desktop Port Open To Internet
- Query id: eda7301d-1f3e-47cf-8d4e-976debc64341
- Query name: Remote Desktop Port Open To Internet
- Platform: Ansible
- Severity: High
- Category: Networking and Firewall
- URL: Github
Description¶
The Remote Desktop port is open to the internet in a Security Group
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: example ec2 group1
amazon.aws.ec2_group:
name: example
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: 3380
to_port: 3450
cidr_ip: 0.0.0.0/0
- name: example ec2 group2
amazon.aws.ec2_group:
name: example2
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports: 3389
cidr_ip: 0.0.0.0/0
- name: example ec2 group3
amazon.aws.ec2_group:
name: example3
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports: 3380-3450
cidr_ip: 0.0.0.0/0
- name: example ec2 group4
amazon.aws.ec2_group:
name: example4
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports:
- 80
- 3380-3450
cidr_ip: 0.0.0.0/0
- name: example ec2 group5
amazon.aws.ec2_group:
name: example5
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports:
- 3389
- 10-50
cidr_ip: 0.0.0.0/0
- name: example ec2 group6
amazon.aws.ec2_group:
name: example1
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: -1
to_port: 25
cidr_ip: 0.0.0.0/0
- name: example ec2 group7
amazon.aws.ec2_group:
name: example1
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: 15
to_port: -1
cidr_ip: 0.0.0.0/0
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: example ec2 group1
amazon.aws.ec2_group:
name: example
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: 3380
to_port: 3450
cidr_ip: 0.0.0.0/1
- name: example ec2 group2
amazon.aws.ec2_group:
name: example2
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports: 3389
cidr_ip: 0.0.1.0/0
- name: example ec2 group3
amazon.aws.ec2_group:
name: example3
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports: 3380-3450
cidr_ip: 0.1.0.0/0
- name: example ec2 group4
amazon.aws.ec2_group:
name: example4
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports:
- 80
- 3380-3450
cidr_ip: 10.0.0.0/0
- name: example ec2 group5
amazon.aws.ec2_group:
name: example5
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
ports:
- 3389
- 10-50
cidr_ip: 10.0.0.0/0
- name: example ec2 group6
amazon.aws.ec2_group:
name: example1
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: -1
to_port: 25
cidr_ip: 0.1.0.0/0
- name: example ec2 group7
amazon.aws.ec2_group:
name: example1
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: 15
to_port: -1
cidr_ip: 0.0.0.1/0