Inbound CIFS access should be restricted to trusted networks

Description

Audit your EC2 security groups to ensure that no inbound rule allows unrestricted access to TCP port 445, which the Common Internet File System (CIFS) uses for client/server communications. Unrestricted access on this port can expose your system to attacks that abuse CIFS, such as denial-of-service (DoS) attacks and man-in-the-middle (MITM) exploits. Restrict access to this port to only the necessary IP addresses to mitigate unauthorized access and potential breaches. Implementing these changes helps maintain secure communication pathways within your network infrastructure.
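One way to run this audit offline, as an added example that is not part of the original rule: the script below scans JSON shaped like the output of `aws ec2 describe-security-groups` and reports inbound rules that reach TCP 445 from any address. It assumes "unrestricted" means a source of `0.0.0.0/0` or `::/0`; the sample data and group IDs are constructed placeholders.

```python
CIFS_PORT = 445
# Assumption: "unrestricted" means any IPv4 or any IPv6 source.
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `aws ec2 describe-security-groups` output;
# the group IDs are placeholders, not real resources.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-exact", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-allproto", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-trusted", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-https", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

def covers_cifs(perm):
    """True if the rule's protocol and port range include TCP 445."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all protocols: the rule carries no port range
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= CIFS_PORT <= perm.get("ToPort", 65535)

def open_sources(perm):
    """Return the any-address CIDRs (IPv4 and IPv6) listed on the rule."""
    cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in OPEN_CIDRS]

def find_unrestricted_cifs(doc):
    """List (group_id, cidr) pairs where TCP 445 is reachable from anywhere."""
    return [(sg["GroupId"], cidr)
            for sg in doc.get("SecurityGroups", [])
            for perm in sg.get("IpPermissions", [])
            if covers_cifs(perm)
            for cidr in open_sources(perm)]

if __name__ == "__main__":
    for group_id, cidr in find_unrestricted_cifs(SAMPLE):
        print(f"{group_id}: inbound TCP {CIFS_PORT} open to {cidr}")
```

Rules that name port 445 exactly are the easy case; the port-range and all-protocol rules in the sample are the ones a simple port match would miss.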

Remediation

Follow the Security Group Rules documentation for detailed guidance on modifying security group rules to limit access to TCP port 445, thereby strengthening your security framework.