Network misconfigurations

AWS EC2 instance allows public ingress access on SSH port 22

Platform(s)
Compliance Frameworks
  • CCPA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • Mitre ATT&CK
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices
  • ,
  • UK Cyber Essentials

Description

SSH (Secure Shell) port - 22 is used to get CLI access to Linux instances. Allowing inbound traffic from all external IP addresses to SSH port is vulnerable to banner grabbing and brute force attack. It is a best practice to restrict access from specific IP addresses to port 22.