Description

Amazon Relational Database Service (RDS) is a managed database service provided by Amazon Web Services (AWS). By default, RDS instances use port 1433 for Microsoft SQL Server or port 3306 for MySQL or MariaDB.To ensure RDS is not using the default port 1433, you should change the default port to a non-standard port. This can help reduce the risk of unauthorized access to your database instance.By ensuring that RDS is not using the default port 1433 and implementing additional security measures, you can help protect your database from potential security vulnerabilities and ensure that your AWS environment is secure.

Remediation

If you have determined that your RDS instance is using the default port 1433, it is important to take immediate remediation steps to ensure that your database is secure. Here are some steps you can take:

  1. Change the port: The first step is to change the default port to a non-standard port. You can do this by modifying the security group associated with the RDS instance to allow inbound traffic on the new port. You can also modify the database instance's parameter group to ensure that the new port is used for all database connections. Additionally, you may need to update your application's connection string to use the new port.
  2. Test connectivity: Once you have changed the port, you should test connectivity to ensure that your database is accessible on the new port. You can use a variety of tools to test connectivity, including telnet or a database client.
  3. Update your security policies: Finally, you should update your security policies to ensure that all new RDS instances use a non-default port. This can include updating your company's security guidelines, creating templates for RDS instances that enforce the use of non-default ports, and training your team on best practices for RDS security.

It is important to note that changing the default port alone does not guarantee security. You should also implement other security measures, such as enabling encryption in transit and at rest, configuring appropriate access controls, and implementing multi-factor authentication (MFA) for database access.

By following these remediation steps and implementing additional security measures, you can help ensure that your RDS instance is not using the default port 1433 and that your database is secure from potential security vulnerabilities.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps