Security groups should restrict traffic to trusted IPv4 addresses

ec2
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Description

Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. Allowing unrestricted ingress access to remote server administration ports, such as SSH (port 22) and RDP (port 3389), increases the attack surface and raises the risk of resource compromise. It is recommended to restrict access to these ports to ensure improved security. Before making changes, ensure that administrators have alternative access to remote server administration ports.

Remediation

For guidance on modifying security groups to restrict access, refer to the AWS Security Groups documentation.