Inbound CIFS access should be restricted to trusted networks

Description

Audit your EC2 security groups to ensure that no inbound rule allows unrestricted access to TCP port 445, the port used by the Common Internet File System (CIFS, the SMB file-sharing protocol) for client/server communication. Leaving this port open to any source exposes your system to security vulnerabilities such as denial-of-service (DoS) attacks and man-in-the-middle (MITM) exploits against CIFS. Restrict inbound access on this port to only the IP addresses that need it, to mitigate unauthorized access and potential breaches. Doing so helps keep communication pathways within your network infrastructure secure.

Remediation

Follow the Security Group Rules documentation for detailed guidance on modifying security group rules so that TCP port 445 is reachable only from trusted networks, thereby strengthening your security posture.
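The audit described above and the remediation it calls for, as an added example that is not part of the original rule text or any vendor tool. The checker takes security-group records in the shape returned by `aws ec2 describe-security-groups` (the `SecurityGroups` list: `GroupId`, `IpPermissions` with `IpProtocol`, `FromPort`, `ToPort`, `IpRanges`, `Ipv6Ranges`) and flags every ingress rule that lets any source reach TCP 445, including rules that cover 445 through a wider port range or through an "all traffic" (`IpProtocol` `-1`) rule. A second helper builds the permission objects you would pass to `revoke_security_group_ingress` and `authorize_security_group_ingress` to replace the open rule with one limited to a trusted CIDR; the group IDs, sample rules and the trusted network `10.0.0.0/8` are constructed for illustration.

```python
"""Audit EC2 security groups for unrestricted inbound CIFS/SMB (TCP 445) access
and plan a replacement rule restricted to a trusted network."""
import ipaddress

CIFS_PORT = 445


def _is_unrestricted_cidr(cidr: str) -> bool:
    """True for the AWS 'anywhere' wildcards 0.0.0.0/0 and ::/0 (prefix length 0)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # malformed CIDR: not treated as open, but worth logging elsewhere


def _rule_covers_tcp_445(perm: dict) -> bool:
    """True if this IpPermissions entry admits TCP 445 (directly, via a port range,
    or via an 'all traffic' rule, which carries no FromPort/ToPort)."""
    proto = str(perm.get("IpProtocol", ""))
    if proto == "-1":
        return True
    if proto.lower() not in ("tcp", "6"):
        return False  # UDP/ICMP rules on 445 are not CIFS exposure
    from_port, to_port = perm.get("FromPort"), perm.get("ToPort")
    if from_port is None or to_port is None:
        return False
    return from_port <= CIFS_PORT <= to_port


def find_unrestricted_cifs_rules(security_groups):
    """Return (GroupId, IpProtocol, source CIDR) for each ingress rule that lets
    any source reach TCP 445. `security_groups` is the SecurityGroups list from
    describe-security-groups."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            if not _rule_covers_tcp_445(perm):
                continue
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in sources:
                if _is_unrestricted_cidr(cidr):
                    findings.append((sg["GroupId"], perm["IpProtocol"], cidr))
    return findings


def plan_remediation(finding, trusted_cidr: str):
    """Build the IpPermissions payloads to revoke the open rule and authorize a
    TCP 445 rule from `trusted_cidr` instead (hypothetical helper; the dicts match
    the boto3 revoke/authorize_security_group_ingress parameter shape)."""
    group_id, proto, open_cidr = finding
    v6 = ipaddress.ip_network(open_cidr, strict=False).version == 6
    range_key = "Ipv6Ranges" if v6 else "IpRanges"
    cidr_key = "CidrIpv6" if v6 else "CidrIp"
    revoke = {"IpProtocol": proto, range_key: [{cidr_key: open_cidr}]}
    if proto != "-1":  # port bounds are not part of an all-traffic rule
        revoke.update(FromPort=CIFS_PORT, ToPort=CIFS_PORT)
    trusted_v6 = ipaddress.ip_network(trusted_cidr, strict=False).version == 6
    authorize = {
        "IpProtocol": "tcp", "FromPort": CIFS_PORT, "ToPort": CIFS_PORT,
        ("Ipv6Ranges" if trusted_v6 else "IpRanges"):
            [{("CidrIpv6" if trusted_v6 else "CidrIp"): trusted_cidr}],
    }
    return {"GroupId": group_id, "revoke": revoke, "authorize": authorize}


# Constructed sample data (group IDs and CIDRs are illustrative, not real resources).
SAMPLE_SECURITY_GROUPS = [
    {"GroupId": "sg-0aaa0001", "GroupName": "file-server-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb0002", "GroupName": "file-server-restricted", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc0003", "GroupName": "wide-port-range-v6", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ddd0004", "GroupName": "all-traffic", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0eee0005", "GroupName": "udp-445-only", "IpPermissions": [
        {"IpProtocol": "udp", "FromPort": 445, "ToPort": 445,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]

if __name__ == "__main__":
    for finding in find_unrestricted_cifs_rules(SAMPLE_SECURITY_GROUPS):
        print("OPEN CIFS:", finding)
        print("  plan:", plan_remediation(finding, "10.0.0.0/8"))
```

Against the sample data the checker reports `sg-0aaa0001` (direct 0.0.0.0/0 on 445), `sg-0ccc0003` (445 inside a 0-65535 range from ::/0) and `sg-0ddd0004` (all traffic from anywhere), and passes the group restricted to 10.0.0.0/8 and the UDP-only rule. To run it against a live account, replace `SAMPLE_SECURITY_GROUPS` with `boto3.client("ec2").describe_security_groups()["SecurityGroups"]` and review each plan before applying it; the revoke/authorize calls are left to the operator deliberately, since an all-traffic rule usually carries other services besides CIFS.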