Remote administration port access should be restricted to trusted networks


Description

The Network Access Control List (NACL) provides stateless filtering of ingress and egress network traffic to AWS resources. Allowing unrestricted ingress access to remote server administration ports, such as SSH (port 22) and RDP (port 3389), can significantly increase the risk of unauthorized access and potential compromise of resources. Restrict ingress on these ports to trusted networks to minimize the attack surface.
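The check described above, as an added example that is not this rule's own logic: it walks a NACL's ingress entries in rule-number order and reports SSH or RDP when the first any-source rule covering the port is an allow. Entries follow the shape returned by `aws ec2 describe-network-acls`; the ACL IDs, rules, and function names are constructed for illustration.

```python
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}
ANY_SOURCE = {"CidrBlock": "0.0.0.0/0", "Ipv6CidrBlock": "::/0"}  # per address family

def covers(entry, port):
    """True if the entry applies to TCP traffic on `port`."""
    if entry["Protocol"] == "-1":   # all protocols; no PortRange present
        return True
    if entry["Protocol"] != "6":    # not TCP
        return False
    rng = entry.get("PortRange")
    return rng is None or rng["From"] <= port <= rng["To"]

def exposed_admin_ports(acl):
    """Return (acl_id, service, port, cidr, rule_number) per unrestricted admin port."""
    ingress = sorted((e for e in acl["Entries"] if not e["Egress"]),
                     key=lambda e: e["RuleNumber"])
    findings = []
    for key, cidr in ANY_SOURCE.items():
        for port, service in ADMIN_PORTS.items():
            # NACL rules are evaluated lowest number first; first match wins.
            # Narrower-CIDR rules are skipped: they do not decide for arbitrary sources.
            for e in ingress:
                if e.get(key) == cidr and covers(e, port):
                    if e["RuleAction"] == "allow":
                        findings.append((acl["NetworkAclId"], service, port, cidr, e["RuleNumber"]))
                    break
    return findings

def entry(num, action, cidr, proto="-1", ports=None):
    """Build a constructed ingress entry in the describe-network-acls shape."""
    e = {"RuleNumber": num, "Egress": False, "Protocol": proto,
         "RuleAction": action, "CidrBlock": cidr}
    if ports:
        e["PortRange"] = {"From": ports[0], "To": ports[1]}
    return e

# Constructed sample data (IDs and rules are illustrative).
SAMPLE_ACLS = [
    {"NetworkAclId": "acl-example-open", "Entries": [
        entry(90, "deny", "0.0.0.0/0", "6", (3389, 3389)),
        entry(100, "allow", "0.0.0.0/0"), entry(32767, "deny", "0.0.0.0/0")]},
    {"NetworkAclId": "acl-example-trusted", "Entries": [
        entry(100, "allow", "203.0.113.0/24", "6", (22, 22)),
        entry(32767, "deny", "0.0.0.0/0")]},
]

if __name__ == "__main__":
    for acl in SAMPLE_ACLS:
        print(acl["NetworkAclId"], exposed_admin_ports(acl) or "no unrestricted admin ports")
```

In the first sample ACL the explicit deny at rule 90 shields RDP, but the allow-all at rule 100 still exposes SSH; the second ACL admits SSH only from a single trusted range and is not flagged.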

Remediation

For detailed guidance on configuring network ACLs to restrict access, refer to the VPC Network ACLs documentation.