RDP Access Is Not Restricted
- Query id: 50cb6c3b-c878-4b88-b50e-d1421bada9e8
- Query name: RDP Access Is Not Restricted
- Platform: GoogleDeploymentManager
- Severity: Medium
- Category: Networking and Firewall
- URL: Github
Description
Checks whether a Google Compute firewall rule allows unrestricted RDP access. The allowed ports should not contain RDP port 3389.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
```yaml
resources:
  - name: firewall
    type: compute.v1.firewall
    properties:
      name: my-firewall
      sourceRanges:
        - "0.0.0.0/0"
      allowed:
        - IPProtocol: icmp
          ports:
            - "80"
            - "8080"
            - "1000-2000"
        - IPProtocol: tcp
          ports:
            - "80"
            - "8080"
            - "1000-2000"
            - "3389"
```
Positive test num. 2 - yaml file
```yaml
resources:
  - name: firewall
    type: compute.v1.firewall
    properties:
      name: my-firewall
      sourceRanges:
        - "::/0"
      allowed:
        - IPProtocol: icmp
          ports:
            - "80"
            - "8080"
            - "1000-2000"
        - IPProtocol: udp
          ports:
            - "80"
            - "8080"
            - "1000-2000"
            - "21-3389"
```
Positive test num. 3 - yaml file
```yaml
resources:
  - name: firewall
    type: compute.v1.firewall
    properties:
      name: my-firewall
      sourceRanges:
        - "::/0"
      allowed:
        - IPProtocol: all
```
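The check this page describes, sketched in Python as an added example (not the KICS query's own code). It assumes the configuration is already parsed into a dict; `PORT_PROTOCOLS`, the helper names and the `admin-only` rule with its 203.0.113.0/24 range are hypothetical, and the other three inputs are constructed to mirror the positive tests above.

```python
# Added example: approximates the rule described on this page; not the KICS query itself.
UNRESTRICTED = {"0.0.0.0/0", "::/0"}    # source ranges used in the page's samples
PORT_PROTOCOLS = {"tcp", "udp", "all"}  # assumption: protocols the samples flag
RDP_PORT = 3389


def covers_rdp(ports):
    """True if a ports list includes 3389 directly or inside a range."""
    if not ports:  # GCP: no ports listed means every port for that protocol
        return True
    for spec in ports:
        low, _, high = str(spec).partition("-")
        if int(low) <= RDP_PORT <= int(high or low):
            return True
    return False


def unrestricted_rdp_rules(config):
    """Return names of firewall resources that expose RDP to any address."""
    findings = []
    for res in config.get("resources", []):
        if str(res.get("type", "")).lower() != "compute.v1.firewall":
            continue
        props = res.get("properties", {})
        if not UNRESTRICTED & set(props.get("sourceRanges", [])):
            continue  # source is limited to specific networks
        for rule in props.get("allowed", []):
            proto = str(rule.get("IPProtocol", "")).lower()
            if proto in PORT_PROTOCOLS and covers_rdp(rule.get("ports")):
                findings.append(res.get("name"))
                break  # one finding per resource is enough
    return findings


def firewall(name, source, allowed):
    """Build a constructed Deployment Manager resource shaped like the samples."""
    return {"name": name, "type": "compute.v1.firewall",
            "properties": {"name": name, "sourceRanges": [source], "allowed": allowed}}


# Constructed input: the first three mirror the page's positive tests,
# the last is a hypothetical rule limited to one admin network.
SAMPLE = {"resources": [
    firewall("tcp-listed", "0.0.0.0/0", [{"IPProtocol": "tcp", "ports": ["80", "3389"]}]),
    firewall("udp-range", "::/0", [{"IPProtocol": "udp", "ports": ["21-3389"]}]),
    firewall("all-protocols", "::/0", [{"IPProtocol": "all"}]),
    firewall("admin-only", "203.0.113.0/24", [{"IPProtocol": "tcp", "ports": ["3389"]}]),
]}
```

Calling `unrestricted_rdp_rules(SAMPLE)` returns the three exposed rule names and leaves out `admin-only`, whose source range is restricted.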