RDP Access Is Not Restricted
- Query id: 75418eb9-39ec-465f-913c-6f2b6a80dc77
- Query name: RDP Access Is Not Restricted
- Platform: Ansible
- Severity: High
- Category: Networking and Firewall
- URL: Github
Description¶
Check if the Google compute firewall allows unrestricted RDP access. Allowed ports should not contain RDP port 3389
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: rdp_in_range
google.cloud.gcp_compute_firewall:
name: test_object
source_ranges:
- "0.0.0.0/0"
allowed:
- ip_protocol: tcp
ports:
- "22"
- "80"
- "8080"
- "2000-4000"
target_tags:
- test-ssh-server
- staging-ssh-server
source_tags:
- test-ssh-clients
project: test_project
auth_kind: serviceaccount
service_account_file: "/tmp/auth.pem"
state: present
- name: rdp_in_port
google.cloud.gcp_compute_firewall:
name: test_object
source_ranges:
- "0.0.0.0/0"
allowed:
- ip_protocol: tcp
ports:
- "22"
- "80"
- "3389"
target_tags:
- test-ssh-server
- staging-ssh-server
source_tags:
- test-ssh-clients
project: test_project
auth_kind: serviceaccount
service_account_file: "/tmp/auth.pem"
state: present
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: create a firewall
google.cloud.gcp_compute_firewall:
name: test_object
allowed:
- ip_protocol: tcp
ports:
- '80'
target_tags:
- test-ssh-server
- staging-ssh-server
source_tags:
- test-ssh-clients
project: test_project
auth_kind: serviceaccount
service_account_file: /tmp/auth.pem
state: present