Ensure firewall rules exist for all open ports

An XCCDF Rule

Description

Any ports that have been opened on non-loopback addresses need firewall rules to govern traffic.

Warning

To prevent denying any access to the system, automatic remediation of this control is not available. Remediation must be automated as a component of machine provisioning, or followed manually as outlined above.

Rationale

Without a firewall rule configured for an open port, the default firewall policy will drop all packets to that port.
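
One way to audit this rule, as an added example that is not part of the rule's own content: list the ports listening on non-loopback addresses and report those with no firewall rule. The `ss -Htuln` sample is constructed, and the `ruled` set is an assumption standing in for the ports your firewall's rule listing reports.

```python
import ipaddress

# Constructed sample of `ss -Htuln` output (not captured from a real host).
SAMPLE_SS = """\
udp   UNCONN 0      0      127.0.0.53%lo:53    0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68          0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631       0.0.0.0:*
tcp   LISTEN 0      511    [::]:80             [::]:*
tcp   LISTEN 0      128    [::1]:631           [::]:*
tcp   LISTEN 0      4096   *:9090              *:*
"""

def is_loopback(addr):
    """True when a local address printed by ss is bound to loopback only."""
    addr = addr.split("%", 1)[0].strip("[]")  # drop %iface scope and brackets
    if addr == "*":                            # wildcard bind, all addresses
        return False
    return ipaddress.ip_address(addr).is_loopback

def open_ports(ss_output):
    """Return the set of (proto, port) listening on non-loopback addresses."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                           # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit() and not is_loopback(addr):
            found.add((fields[0], int(port)))
    return found

def ports_without_rules(ss_output, ruled):
    """Open non-loopback ports that have no entry in the firewall rule set."""
    return sorted(open_ports(ss_output) - set(ruled))

if __name__ == "__main__":
    # Assumption: rules exist only for SSH and HTTP on this constructed host.
    ruled = {("tcp", 22), ("tcp", 80)}
    for proto, port in ports_without_rules(SAMPLE_SS, ruled):
        print(f"no firewall rule for {proto}/{port}")
```
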

ID
xccdf_org.ssgproject.content_rule_ensure_firewall_rules_for_open_ports
Severity
Medium
References
Updated