Triage and Remediation
Remediation
Using Console
To remediate the SMTP Port Should Not Be Open misconfiguration in GCP using the GCP console, follow these steps:
- Log in to the GCP console (https://console.cloud.google.com/).
- Navigate to the Cloud Console.
- Select the project where the VM instance is running.
- In the left-hand menu, click on “Compute Engine” and then “VM instances”.
- Locate the instance that has the open SMTP port and click on the name of the instance.
- In the details pane, click on the “Edit” button at the top of the page.
- Scroll down to the “Firewall” section and click on “Networking interfaces”.
- Locate the “default-allow-smtp” rule and click on the trash icon to delete the rule.
- Click on the “Save” button at the bottom of the page to apply the changes.
Using CLI
To remediate the “SMTP Port Should Not Be Open” misconfiguration in GCP using GCP CLI, you can follow these steps:
- Open the Cloud Shell in your GCP Console.
- Run the following command to list all the firewall rules in your project:
    gcloud compute firewall-rules list
- Identify the firewall rule that allows SMTP traffic. You can look for a rule that has a target tag that allows SMTP traffic, such as “allow-smtp”.
- Run the following command to delete the firewall rule:
    gcloud compute firewall-rules delete [FIREWALL_RULE_NAME]
  Replace [FIREWALL_RULE_NAME] with the name of the firewall rule that allows SMTP traffic.
- Confirm the deletion by typing “y” and pressing Enter.
- Verify that the firewall rule has been deleted by running the following command:
    gcloud compute firewall-rules list
  You should no longer see the firewall rule that allows SMTP traffic.
Using Python
To remediate the SMTP Port Should Not Be Open misconfiguration in GCP using Python, follow the steps below:
- First, you need to identify the instance(s) in your GCP project that have the SMTP port open. You can use the following command in the Cloud Shell to list all the instances in your project:
- Once you have identified the instance(s) with the open SMTP port, you need to connect to the instance(s) using SSH. You can use the following command to connect to an instance:
- After you have connected to the instance, you need to check if the SMTP service is running. You can use the following command to check the status of the SMTP service:
- If the SMTP service is running, you need to stop it using the following command:
- After stopping the SMTP service, you need to disable it so that it does not start automatically on system startup. You can use the following command to disable the SMTP service:
- Finally, you need to close the SMTP port by modifying the firewall rules. You can use the following command to close the SMTP port:
  Replace [FIREWALL_RULE_NAME] with the name of the firewall rule that allows SMTP traffic.
- Once you have completed the above steps, you can exit the SSH session using the following command:
By following the above steps, you can remediate the SMTP Port Should Not Be Open misconfiguration in GCP using Python.
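Added example, not part of the original guide: a Python script that finds the firewall rules to change by reading the JSON printed by `gcloud compute firewall-rules list --format=json` and reporting every enabled ingress rule that allows TCP port 25, including rules that cover it through a port range or an all-protocols entry. Port 25 as the SMTP port, the function names and the sample rules are assumptions constructed for illustration.

```python
import json
import sys

SMTP_PORT = 25  # assumption: the guide never names the port; 25 is standard SMTP
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

def ports_include(ports, port):
    """True if a firewall ports list such as ["22", "20-30"] covers `port`."""
    if not ports:  # no ports listed means every port of that protocol
        return True
    for spec in ports:
        low, _, high = spec.partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False

def rules_allowing_smtp(rules, port=SMTP_PORT):
    """Return (rule name, open to any source) for enabled ingress rules allowing TCP `port`."""
    findings = []
    for rule in rules:
        if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
            continue
        for allow in rule.get("allowed", []):
            proto = allow.get("IPProtocol", "").lower()
            if proto in ("tcp", "6", "all") and ports_include(allow.get("ports"), port):
                public = bool(ANY_SOURCE & set(rule.get("sourceRanges", [])))
                findings.append((rule["name"], public))
                break
    return findings

# Constructed sample in the shape of the gcloud JSON output (not real project data).
SAMPLE_RULES = json.loads("""[
 {"name": "allow-smtp", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["25"]}]},
 {"name": "allow-low-ports", "direction": "INGRESS", "sourceRanges": ["10.0.0.0/8"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["20-30"]}]},
 {"name": "allow-all", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "all"}]},
 {"name": "allow-https", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
 {"name": "old-smtp", "direction": "INGRESS", "disabled": true,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["25"]}]}
]""")

if __name__ == "__main__":
    # Optional argument: a file holding the gcloud JSON output; default is the sample.
    rules = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_RULES
    for name, public in rules_allowing_smtp(rules):
        print(f"{name}: allows tcp/{SMTP_PORT}" + (" from any address" if public else ""))
```

Rules reported as open from any address are the ones to delete or narrow first; a rule such as the constructed `allow-all` would be missed by a search for "smtp" in rule names.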