
Rule: VPC security groups should restrict ingress TCP and UDP access from 0.0.0.0/0

This rule flags VPC security groups whose inbound rules allow TCP or UDP traffic from any source address (0.0.0.0/0), and requires that such rules be replaced with ones scoped to the networks that actually need access.

Rule: VPC security groups should restrict ingress TCP and UDP access from 0.0.0.0/0
Framework: NIST 800-171 Revision 2
Severity: High

Rule Description:

VPC security groups must not contain inbound (ingress) rules that allow TCP or UDP traffic from the source range 0.0.0.0/0. This rule supports the boundary-protection and deny-by-default requirements of the NIST 800-171 Revision 2 security standard.

TCP and UDP carry almost all application traffic, so an inbound rule whose source is 0.0.0.0/0 makes the listed port reachable from every host on the internet, not just from the networks the service is meant to serve. Such a rule turns any weakness in the listening service (unpatched software, default or weak credentials, an exposed admin interface) into something attackers can reach directly, and it defeats the security group's purpose as a stateful allow-list. Note that an "All traffic" rule (protocol -1) from 0.0.0.0/0 also grants TCP and UDP from anywhere, and ::/0 is the IPv6 equivalent of 0.0.0.0/0; both should be treated the same way when checking and remediating.

Troubleshooting Steps:

  1. List the inbound rules of each security group in the VPC (console "Inbound rules" tab, or `aws ec2 describe-security-groups`).
  2. Identify rules whose protocol is TCP, UDP or "All traffic" and whose source is 0.0.0.0/0 (or ::/0).
  3. Confirm which VPC the security group belongs to and which instances or network interfaces it is attached to, so you know what the change will affect and who needs to be informed.

Necessary Code:

No application code is required for this rule. The fix is a change to the inbound rules of the affected security group, which can be made in the console as described below or with the AWS CLI or API.

Remediation Steps:

  1. Sign in to the AWS Management Console.
  2. Open the Amazon VPC console.
  3. In the navigation pane, choose "Security Groups".
  4. Select the security group that needs to be updated.
  5. In the "Inbound rules" tab, note every rule with protocol TCP, UDP or "All traffic" whose source is 0.0.0.0/0 (or ::/0).
  6. Choose "Edit inbound rules".
  7. Choose "Delete" next to each of the rules identified in step 5.
  8. Choose "Add rule".
  9. Select the protocol (TCP or UDP).
  10. Enter only the port or port range the service actually listens on.
  11. In the "Source" field, enter the specific CIDR range, IP address or security group that should be allowed inbound access. (Example: 10.0.0.0/24)
  12. Choose "Save rules" to apply the changes.
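The troubleshooting and remediation steps above can be automated against the output of `aws ec2 describe-security-groups`. The following is an added example, not Cloud Defense's tooling or AWS code: it finds every inbound rule that allows TCP, UDP or all protocols from 0.0.0.0/0 or ::/0, and builds the `revoke-security-group-ingress` / `authorize-security-group-ingress` payloads that replace each one with the same protocol and ports scoped to a chosen CIDR. The group ID, group name and the replacement range 10.0.0.0/24 are assumptions, and the JSON is constructed sample data shaped like real describe-security-groups output.

```python
"""Audit security-group ingress and generate the equivalent CLI remediation.

Added example, not Cloud Defense's own tooling. It consumes the JSON shape
returned by `aws ec2 describe-security-groups` and emits the matching
`aws ec2 revoke-security-group-ingress` / `authorize-security-group-ingress`
commands. The group below is constructed sample data; the group ID, group
name and replacement CIDR are assumptions, not real resources.
"""
import json

WORLD_V4 = "0.0.0.0/0"
WORLD_V6 = "::/0"  # IPv6 equivalent; a check that ignores it leaves a gap

# Constructed sample: four non-compliant inbound rules and one compliant one.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({
    "SecurityGroups": [{
        "GroupId": "sg-0123456789abcdef0",   # assumed ID
        "GroupName": "app-servers",          # assumed name
        "IpPermissions": [
            # SSH from anywhere
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            # UDP port range from anywhere, IPv4 and IPv6
            {"IpProtocol": "udp", "FromPort": 10000, "ToPort": 20000,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
            # "All traffic" from anywhere: protocol -1 includes TCP and UDP
            {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
             "Ipv6Ranges": []},
            # HTTP from anywhere plus an internal range on the same rule
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.0.0.0/8"}],
             "Ipv6Ranges": []},
            # HTTPS scoped to an internal subnet: compliant
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "10.0.0.0/24"}], "Ipv6Ranges": []},
        ],
    }]
})


def is_world_open(perm):
    """True if a permission grants TCP, UDP or all protocols from any address."""
    if perm.get("IpProtocol") not in ("tcp", "udp", "-1"):
        return False
    v4 = any(r.get("CidrIp") == WORLD_V4 for r in perm.get("IpRanges", []))
    v6 = any(r.get("CidrIpv6") == WORLD_V6 for r in perm.get("Ipv6Ranges", []))
    return v4 or v6


def find_violations(describe_output):
    """Return (group_id, permission) for every world-open TCP/UDP ingress rule."""
    data = json.loads(describe_output) if isinstance(describe_output, str) else describe_output
    return [(sg["GroupId"], perm)
            for sg in data["SecurityGroups"]
            for perm in sg.get("IpPermissions", [])
            if is_world_open(perm)]


def remediation_plan(describe_output, replacement_cidr="10.0.0.0/24"):
    """Build (group_id, revoke, authorize) IpPermissions payloads per violation.

    Only the 0.0.0.0/0 and ::/0 entries are revoked, so other CIDRs on the
    same rule survive; the same protocol and ports are re-authorised from
    replacement_cidr (an assumed value; use the real client network).
    """
    plan = []
    for group_id, perm in find_violations(describe_output):
        # "-1" (all traffic) rules carry no FromPort/ToPort, so copy only what exists
        base = {k: perm[k] for k in ("IpProtocol", "FromPort", "ToPort") if k in perm}
        revoke = dict(base)
        v4 = [r for r in perm.get("IpRanges", []) if r.get("CidrIp") == WORLD_V4]
        v6 = [r for r in perm.get("Ipv6Ranges", []) if r.get("CidrIpv6") == WORLD_V6]
        if v4:
            revoke["IpRanges"] = v4
        if v6:
            revoke["Ipv6Ranges"] = v6
        authorize = dict(base, IpRanges=[{"CidrIp": replacement_cidr,
                                          "Description": "scoped replacement for world-open rule"}])
        plan.append((group_id, revoke, authorize))
    return plan


def to_cli(plan):
    """Render the plan as aws-cli commands to review before running."""
    cmds = []
    for group_id, revoke, authorize in plan:
        cmds.append(f"aws ec2 revoke-security-group-ingress --group-id {group_id} "
                    f"--ip-permissions '{json.dumps([revoke])}'")
        cmds.append(f"aws ec2 authorize-security-group-ingress --group-id {group_id} "
                    f"--ip-permissions '{json.dumps([authorize])}'")
    return cmds


if __name__ == "__main__":
    for gid, perm in find_violations(SAMPLE_DESCRIBE_OUTPUT):
        print(f"{gid}: {perm['IpProtocol']} "
              f"{perm.get('FromPort', 'all')}-{perm.get('ToPort', 'all')} open to the world")
    print()
    print("\n".join(to_cli(remediation_plan(SAMPLE_DESCRIBE_OUTPUT))))
```

In practice you would feed the real `aws ec2 describe-security-groups --output json` text to `find_violations` and review the generated commands before running any of them. The revoke payload lists only the world-open ranges, which is why the 10.0.0.0/8 entry on the port 80 rule is left untouched. For a port that should not be reachable from the VPC at all, run only the revoke command and drop the authorize; for an administrative port such as 22, add the scoped rule first, or confirm another access path exists, so the revoke cannot lock you out.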

Note:

Have a rollback plan (for example, a record of the original rules exported with the CLI) in case the updated security group settings disrupt legitimate connectivity, and test the new rules in a non-production environment before applying them in production. Be careful with administrative ports such as SSH (22) and RDP (3389): removing a world-open rule before a scoped replacement or an alternative access path is in place can lock administrators out. Where an internet-facing service genuinely must accept connections from anywhere, record it as a reviewed exception rather than leaving an undocumented 0.0.0.0/0 rule in place.
