Network misconfigurations

AWS EC2 instance allows public ingress access on SSH port 22

Platform(s)
Compliance Frameworks

CCPA, Data Security Posture Management (DSPM) Best Practices, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, UK Cyber Essentials

Description

SSH (Secure Shell) port - 22 is used to get CLI access to Linux instances. Allowing inbound traffic from all external IP addresses to SSH port is vulnerable to banner grabbing and brute force attack. It is a best practice to restrict access from specific IP addresses to port 22.