OCI-011 Oracle Cloud Infrastructure (OCI)

Security lists do not allow unrestricted RDP (3389) from 0.0.0.0/0.

Security lists do not allow unrestricted RDP (3389) from 0.0.0.0/0.

Domain
Oracle Cloud Infrastructure (OCI)
Area
Networking
Automated / manual
Automated

Risk if it fails

Open RDP is a ransomware entry point.

RDP exposed to the internet is a favourite of ransomware crews: guess a password, log into the desktop, then encrypt everything they can reach.

How Tess tests it

1 test — each concludes only on cited evidence.

Security lists do not allow unrestricted RDP (3389) from 0.0.0.0/0.

Automated
Procedure
Inspect security lists for ingress 3389 from 0.0.0.0/0.

Read-only command 

oci network security-list list --compartment-id <compartment-ocid> --all --query "data[?contains(to_string(\"ingress-security-rules\"),'3389')]"

More in Oracle Cloud Infrastructure (OCI)

OCI-001 MFA is enforced for all IAM users, especially administrators. OCI-002 Customer secret keys / API keys are rotated regularly (<=90 days). OCI-003 A strong password policy is configured. OCI-004 Membership of the Administrators group is minimal.

Want Tess to test OCI-011 against your evidence?

Book a demo