More Info:

EC2 security groups should not allow inbound ICMP traffic from any source (0.0.0.0/0 or ::/0). ICMP has no ports; the finding refers to inbound rules with protocol ICMP or ICMPv6 (or “All traffic”, which includes ICMP) whose source is unrestricted. Such rules let anyone on the Internet probe the instance (echo requests, timestamp requests) and use it as a reflector for ICMP-based reconnaissance and flooding.

Risk Level

Medium

Address

Security

Compliance Standards

NIST

Triage and Remediation

Remediation

To remediate an EC2 instance whose security group allows inbound ICMP from any source, follow these steps in the AWS Management Console:

  1. Sign in to the AWS Management Console.
  2. Navigate to the EC2 dashboard.
  3. In the navigation pane, choose “Security Groups.”
  4. Select the security group associated with the affected EC2 instance. An instance can have several security groups attached; check each of them, because a permissive rule in any one of them allows the traffic.
  5. In the “Inbound rules” tab, locate the rules whose protocol is ICMP or ICMPv6 (or “All traffic”, which includes ICMP) and whose source is unrestricted (0.0.0.0/0 or ::/0).
  6. Click on the “Actions” dropdown menu and choose “Edit inbound rules.”
  7. In the Edit inbound rules dialog, either delete the offending rule, or, if ICMP is genuinely needed (for example, echo requests from a monitoring host), narrow its source to the specific CIDR blocks or security group that require it.
  8. Click the “Save rules” button to apply the changes.

After these steps the security group no longer accepts ICMP from arbitrary sources. Because security groups are stateful, replies to ICMP traffic that the instance itself originates (for example, outbound pings) are still allowed in. Note that removing all inbound ICMP also blocks the “fragmentation needed” messages (ICMP type 3, code 4) that path MTU discovery depends on; if the instance communicates with destinations that have a smaller MTU, allow that message type from the required sources rather than blocking ICMP wholesale.
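The following script is an added example, not part of the original page or of any AWS tooling. It applies the check described above to the JSON shape returned by `aws ec2 describe-security-groups` (the "SecurityGroups" list): it flags ICMP, ICMPv6 and all-traffic ingress rules whose source is 0.0.0.0/0 or ::/0, and builds the exact IpPermissions entry needed to revoke each one. The security-group ID, group name and CIDR blocks in the sample data are constructed; the optional remediation function assumes boto3 credentials are configured in the environment.

```python
"""Find and revoke security-group ingress rules that expose ICMP to the world.

Works on the output of `aws ec2 describe-security-groups` (the "SecurityGroups"
list). The sample data below is constructed; IDs and CIDRs are hypothetical.
"""
import json
from typing import Dict, List

ANY_IPV4 = "0.0.0.0/0"
ANY_IPV6 = "::/0"
# Protocols whose ingress rules carry ICMP: explicit ICMP/ICMPv6, or "-1" (all traffic).
ICMP_PROTOCOLS = {"icmp", "icmpv6", "-1"}

# Constructed sample resembling `aws ec2 describe-security-groups` output.
SAMPLE_SECURITY_GROUPS = [
    {
        "GroupId": "sg-0123456789abcdef0",  # hypothetical
        "GroupName": "web-tier",
        "IpPermissions": [
            # Open to the world: all ICMP types/codes from any IPv4 and any IPv6 address.
            {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
            # Echo request (type 8) only, restricted to a monitoring subnet: acceptable.
            {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
             "IpRanges": [{"CidrIp": "10.0.100.0/24"}], "Ipv6Ranges": []},
            # HTTPS from anywhere: not an ICMP finding.
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            # "All traffic" from anywhere: exposes ICMP although no ICMP rule is named.
            {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
]


def open_icmp_rules(security_groups: List[Dict]) -> List[Dict]:
    """Return one finding per (group, permission, unrestricted source) combination."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            proto = str(perm.get("IpProtocol", "")).lower()
            if proto not in ICMP_PROTOCOLS:
                continue
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])
                       if r.get("CidrIp") == ANY_IPV4]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])
                        if r.get("CidrIpv6") == ANY_IPV6]
            for src in sources:
                finding = {"GroupId": sg["GroupId"], "IpProtocol": perm["IpProtocol"],
                           "Source": src}
                # For ICMP, FromPort is the type and ToPort the code (-1 = all).
                # "-1" (all traffic) rules carry no ports at all, so copy only what exists.
                for key in ("FromPort", "ToPort"):
                    if key in perm:
                        finding[key] = perm[key]
                findings.append(finding)
    return findings


def revoke_permission(finding: Dict) -> Dict:
    """Build the IpPermissions entry that removes exactly this rule and nothing else."""
    perm = {"IpProtocol": finding["IpProtocol"]}
    for key in ("FromPort", "ToPort"):
        if key in finding:
            perm[key] = finding[key]
    if ":" in finding["Source"]:
        perm["Ipv6Ranges"] = [{"CidrIpv6": finding["Source"]}]
    else:
        perm["IpRanges"] = [{"CidrIp": finding["Source"]}]
    return perm


def remediate(findings: List[Dict], dry_run: bool = True) -> None:
    """Revoke each flagged rule via the EC2 API. Assumes boto3 credentials are configured."""
    import boto3  # imported lazily so the detection logic runs without boto3 installed
    ec2 = boto3.client("ec2")
    for f in findings:
        ec2.revoke_security_group_ingress(
            GroupId=f["GroupId"], IpPermissions=[revoke_permission(f)], DryRun=dry_run)


if __name__ == "__main__":
    for f in open_icmp_rules(SAMPLE_SECURITY_GROUPS):
        print(json.dumps({"finding": f, "revoke": revoke_permission(f)}))
```

On the sample above the script reports three findings: the world-open ICMP rule once for its IPv4 source and once for its IPv6 source, plus the all-traffic rule. The restricted echo-request rule and the HTTPS rule are not flagged. To run it against a real account, replace SAMPLE_SECURITY_GROUPS with the parsed output of `aws ec2 describe-security-groups`, review the findings, then call `remediate(findings, dry_run=False)` once you are satisfied that each rule is not needed by monitoring or path MTU discovery.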

Additional Reading: