List AWS Security Groups open to 0.0.0.0/0


We all know that opening security groups to the world is a bad practice, right? We can audit for these by running queries like the following:

Inbound:

$ aws ec2 --region us-west-2 describe-security-groups --filters Name=ip-permission.cidr,Values='0.0.0.0/0' --query "SecurityGroups[*].{Name:GroupName,ID:GroupId}" --output table

| DescribeSecurityGroups |
+-----------------------+-------------------+
| ID | Name |
+-----------------------+-------------------+
| sg-0b977c7003c7b280 | launch-wizard-2 |
+-----------------------+-------------------+

Outbound:

$ aws ec2 --region us-west-2 describe-security-groups --filters Name=egress.ip-permission.cidr,Values='0.0.0.0/0' --query "SecurityGroups[*].{Name:GroupName,ID:GroupId}" --output table

| DescribeSecurityGroups |
+-----------------------+-------------------------------------------------+
| ID | Name |
+-----------------------+-------------------------------------------------+
| sg-61de04 | vivXXXX_XX_US_West |
| sg-9eefe3 | CentOS 6  |
| sg-9479a0 | default |
| sg-e6b0a4 | ElasticMapReduce-master |
| sg-077c79703c7b280 | launch-wizard-2 |
| sg-b24375 | default |
+-----------------------+-------------------------------------------------+

Boeing 377 Flight Deck


The Boeing 377 Stratocruiser was a large long-range airliner developed from the C-97 Stratofreighter military transport, itself a derivative of the B-29 Superfortress. The Stratocruiser’s first flight was on July 8, 1947. Its design was advanced for its day; its innovative features included two passenger decks and a pressurized cabin. It could carry up to 100 passengers on the main deck plus 14 in the lower deck lounge; typical seating was for 63 or 84 passengers or 28 berthed and five seated passengers.

https://en.wikipedia.org/wiki/Boeing_377_Stratocruiser