Remote Desktop Port Open To Internet
- Query id: 151187cb-0efc-481c-babd-ad24e3c9bc22
- Query name: Remote Desktop Port Open To Internet
- Platform: Terraform
- Severity: High
- Category: Networking and Firewall
- CWE: 668
- URL: Github
Description¶
The Remote Desktop port is open to the internet in a Security Group
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_security_group" "positive1" {
name = "rdp_positive_tcp_1"
description = "Gets the remote desktop port open with the tcp protocol"
ingress {
description = "Remote desktop port open"
from_port = 3380
to_port = 3450
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_security_group" "positive2" {
name = "rdp_positive_tcp_2"
description = "Gets the remote desktop port open with the tcp protocol"
ingress {
description = "Remote desktop port open"
from_port = 3381
to_port = 3445
protocol = "tcp"
cidr_blocks = ["1.0.0.0/0"]
}
ingress {
description = "Remote desktop port open"
from_port = 3000
to_port = 4000
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "aws_security_group" "negative1" {
name = "Dont open remote desktop port"
description = "Doesn't enable the remote desktop port"
}
resource "aws_security_group" "negative2" {
ingress {
description = "Remote desktop open private"
from_port = 3380
to_port = 3450
protocol = "tcp"
}
}
resource "aws_security_group" "negative_rdp_2" {
ingress {
description = "Remote desktop open private"
from_port = 3380
to_port = 3450
protocol = "tcp"
cidr_blocks = ["0.1.0.0/0"]
}
}