Quick Info
| Plugin Title | Default Security List |
| Cloud | ORACLE |
| Category | Networking |
| Description | Ensure the default security lists block all traffic by default |
| More Info | The default security list is often used for resources launched without a defined security list. For this reason, the default rules should be to block all traffic to prevent an accidental exposure. |
| ORACLE Link | https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/securitylists.htm |
| Recommended Action | Update the rules for the default security list to deny all traffic by default |
Detailed Remediation Steps
- Log in to the Google Oracle Platform Console.
- Scroll down the left navigation panel and choose the “Virtual Cloud Networks” under the “Networking.”
- On the “Virtual Cloud Networks” page, click on the “Name” as a link to access the “Virtual Network.”
- On the “Virtual Cloud Network Details” page, scroll down the left navigation panel and choose the “Security Lists” option under the “Resources.”
- On the “Security Lists” page, click on the “Name” as a link for “Default Security List” to access the security list.
- On the “Default Security List” check if there are any ports open for traffic. If yes, then it’s not as per the best practices define by GCP.
- Repeat steps number 2 - 6 to verify “Default Security Group” in other accounts.
- Navigate to “Virtual Cloud Networks” under the “Networking”, click on the “Name” as a link to access the “Virtual Network”, select the “Default Security List” which needs to block all traffic by default.
- On the “Default Security List” page, select the “Ingress Rules” and click on the “Remove” button at the top to remove any “Ingress Traffic rule."
- Repeat “Step 9” for the “Egress Rules."
- Repeat steps number 8 - 10 to update the rules for the default security list to deny all traffic by default.