Azure NSG 漏洞列表

Ensure that an Azure activity log alert is fired whenever "Create" or "Update Network Security Group" events are triggered within your Microsoft Azure cloud account. Activity log alerts get activated when a new activity log event that matches the condition specified in the alert occurs. In this case, the alert condition that we search for is 'Whenever the Administrative Activity Log "Create or Update Network Security Group (Microsoft.Network/networkSecurityGroups)" has "any" level, with "any" status and event is initiated by "any"'.

Ensure that an Azure activity log alert is used to detect "Delete Network Security Group Rule" events in your Microsoft Azure cloud account. Activity log alerts get activated when a new activity log event that matches the condition specified in the alert occurs. In this case, the condition used is 'Whenever the Administrative Activity Log "Delete Security Rule (networkSecurityGroups/securityRules)" has "any" level with "any" status and event is initiated by "any"'.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP port 445, used by Common Internet File System (CIFS), to prevent unauthorized access.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP ports 20 and 21, used for File Transfer Protocol (FTP), to protect against unauthorized file transfers.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP port 80 to protect against attackers using brute force methods to gain access to Azure virtual machines associated with these NSGs.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP port 443, used for HTTPS, to protect against unauthorized access and data breaches.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted inbound access on TCP ports 27017, 27018, and 27019, used by MongoDB, to prevent unauthorized database access.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted ingress access on TCP port 3306, used by MySQL Database, to prevent unauthorized database access and potential data breaches.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted inbound access on TCP port 5432, used by PostgreSQL Database Server, to prevent unauthorized database access.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP port 3389, used for Remote Desktop Protocol (RDP), to prevent unauthorized remote access.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted inbound access on TCP port 25, used for Simple Mail Transfer Protocol (SMTP), to prevent spam and unauthorized email relay.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access on TCP port 22, used for Secure Shell (SSH), to prevent unauthorized access and potential breaches.

Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted inbound access on UDP ports to prevent unauthorized access and potential exploitation of vulnerabilities.