Unrestricted CIFS Access Should Not Be Allowed
More Info:
No AWS EC2 security group should allow unrestricted inbound access to TCP port 445 and (CIFS).Risk Level
MediumAddress
SecurityCompliance Standards
HITRUST, AWSWAF, GDPR, SOC2, NISTCSF, PCIDSS, FedRAMPTriage and Remediation
Remediation
Using Console
Using Console
To remediate the unrestricted CIFS access issue in AWS, you can follow the below steps:
- Login to the AWS Management Console.
- Go to the EC2 dashboard.
- Select the Security Group associated with the EC2 instance that has unrestricted CIFS access.
- Click on the “Inbound Rules” tab.
- Locate the rule that allows unrestricted CIFS access and select it.
- Click on the “Edit” button.
- Change the source IP range to only allow access from trusted IP addresses or a specific IP range.
- Save the changes.
Using CLI
Using CLI
To remediate the misconfiguration of unrestricted CIFS access in AWS using AWS CLI, you can follow these steps:Replace This command should return the updated policy for the file system.
- Open the AWS CLI on your local machine or EC2 instance.
- Run the following command to list all the Amazon Elastic File System (Amazon EFS) file systems in your AWS account:
- Identify the file system that has unrestricted CIFS access.
- Run the following command to modify the file system policy to restrict CIFS access:
fs-12345678 with the ID of the file system that has unrestricted CIFS access.- Verify that the policy has been updated by running the following command:
- Test the file system to ensure that CIFS access has been restricted.
Using Python
Using Python
To remediate unrestricted CIFS access in AWS using Python, follow these steps:By following these steps, you can remediate unrestricted CIFS access in AWS using Python.
- Import the necessary libraries:
- Create an Amazon S3 client:
- Retrieve the current bucket policy:
- Check if the policy allows unrestricted CIFS access:
- If the policy allows unrestricted CIFS access, remove the CIFS permission from the policy:
- Update the bucket policy: