Inbound CIFS access should be restricted to trusted networks

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Audit your EC2 security groups to ensure that inbound rules do not allow unrestricted access to TCP port 445, which is typically used for client/server communications. Unrestricted access on this port can expose your system to security vulnerabilities, such as denial-of-service (DoS) attacks and man-in-the-middle (MITM) exploits, by utilizing the Common Internet File System (CIFS). It is essential to restrict access to this port to only the necessary IP addresses to mitigate unauthorized access and potential breaches. Implementing these changes helps maintain secure communication pathways within your network infrastructure.

Remediation

Follow the Security Group Rules documentation for detailed guidance on modifying security group rules to limit access to TCP port 445, thereby strengthening your security framework.