Publicly accessible EC2 instance should not have open administrative ports

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This rule checks if an EC2 instance accessible from the public internet has open administrative ports, specifically port 22 (SSH) and port 3389 (RDP). Having these ports open poses a security risk as it can expose the instance to unauthorized access.

Remediation

To remediate this issue, Datadog recommends restricting access to administrative ports (22 for SSH and 3389 for RDP) on your EC2 instances by configuring your security groups to allow connections only from trusted IP addresses. For detailed guidance, see the AWS Security Group documentation, Amazon EC2 Security Groups for Linux Instances.