MEDIUM
Source
CloudSploit
ID
open-netbios

Open NetBIOS

Ensure that security groups does not have UDP port 137 or 138 for NetBIOS open to the public.

While some ports such as HTTP and HTTPS are required to be open to the public to function properly, more sensitive services such as NetBIOS should be restricted to known IP addresses.

Restrict UDP port 137 or 138 for NetBIOS to known IP addresses