Port 3389 (Windows RDP) Open to the World

This bot identifies when a Resource Access List is created whether it allows unrestricted access (0.0.0.0/0) to TCP port 3389 (Windows Remote Desktop Protocol).

Unrestricted access increases your infrastructure attack surface and can create opportunities for theft of data, loss of data, or hacking.

Recommended Action

Modify the Resource Access List to prevent unrestricted access. If the port is intended to allow unrestricted access, then consider additional security measures to secure your infrastructure such as IP tables.

Recommended Action

Modify the Resource Access List accordingly.

Severity

High

Resource Types Inspected

Resource Access List

Reactive Hookpoints

resource.created