Remote Desktop Port Open To Internet

• Query id: 151187cb-0efc-481c-babd-ad24e3c9bc22
• Query name: Remote Desktop Port Open To Internet
• Platform: Terraform
• Severity: High
• Category: Networking and Firewall
• CWE: 668
• URL: Github

Description

The Remote Desktop port is open to the internet in a Security Group
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "aws_security_group" "positive1" {
  name        = "rdp_positive_tcp_1"
  description = "Gets the remote desktop port open with the tcp protocol"

  ingress {
    description = "Remote desktop port open"
    from_port   = 3380
    to_port     = 3450
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "positive2" {
  name        = "rdp_positive_tcp_2"
  description = "Gets the remote desktop port open with the tcp protocol"

  ingress {
    description = "Remote desktop port open"
    from_port   = 3381
    to_port     = 3445
    protocol    = "tcp"
    cidr_blocks = ["1.0.0.0/0"]
  }

  ingress {
    description = "Remote desktop port open"
    from_port   = 3000
    to_port     = 4000
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "aws_security_group" "negative1" {
  name        = "Dont open remote desktop port"
  description = "Doesn't enable the remote desktop port"

}

resource "aws_security_group" "negative2" {

  ingress {
    description = "Remote desktop open private"
    from_port   = 3380
    to_port     = 3450
    protocol    = "tcp"
  }
}

resource "aws_security_group" "negative_rdp_2" {

  ingress {
    description = "Remote desktop open private"
    from_port   = 3380
    to_port     = 3450
    protocol    = "tcp"
    cidr_blocks = ["0.1.0.0/0"]
  }
}