Detections
Analytics

Ensure NetBIOS Datagram Service (Udp:138) is not exposed to more than 32 private hosts for Azure Network Security Rule

LOW

Description

NetBIOS Datagram Service (Udp:138) is exposed to more than 32 private hosts for Azure Network Security Rule.

Remediation

Configure Network Security Rule for port 138 to ensure it is not exposed to more than 32 private hosts. In console -

  1. In settings of NSG select Inbound security rules.
  2. Use Add button here to add security rules.
  3. Create security rules for any application, port range, ip range.
    In terraform -
    Set the value of 'access' to [allow | deny]. Set the value of 'direction' to 'inbound'. Set the value of 'source_address_prefix' to an IP address or a range of IP addresses. These network security rules in controlling inbound connections to your resources in Azure.

Policy Details

Rule Reference ID: AC_AZURE_0476
CSP: Azure
Remediation Available: Yes
Domain: Infrastructure Security
Resource: azurerm_network_security_rule
Resource Category: Virtual Network
Resource Type: Security Group

Frameworks