Benchmark: 1.4.5 The disclosure of internal IP addresses and routing information is limited to only authorized parties
Description
Restricting the disclosure of internal, private, and local IP addresses is useful to prevent a hacker from obtaining knowledge of these IP addresses and using that information to access the network.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select 1.4.5 The disclosure of internal IP addresses and routing information is limited to only authorized parties.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_1_4_5
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_1_4_5 --share
Controls
- AWS EC2 launch templates should not assign public IPs to network interfaces
- ECS task definitions should not share the host's process namespace