File: rule.yml

scap-security-guide 0.1.65-1
documentation_complete: true

title: 'Remove SSH Server iptables Firewall exception (Unusual)'

description: |-
    By default, inbound connections to SSH's port are allowed. If the SSH
    server is not being used, this exception should be removed from the
    firewall configuration.
    <br /><br />
    Edit the files <tt>/etc/sysconfig/iptables</tt> and
    <tt>/etc/sysconfig/ip6tables</tt> (if IPv6 is in use). In each file, locate
    and delete the line:
    <pre>-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT</pre>
    This is unusual, as SSH is a common method for encrypted and authenticated
    remote access.

rationale: |-
    If inbound SSH connections are not expected, disallowing access to the SSH
    port will avoid possible exploitation of the port by an attacker.

severity: unknown
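
The check and edit that the description calls for, as an added shell example that is not part of scap-security-guide: it detects the SSH exception in an iptables-save style rules file and prints the file without that line. The function names and the sample rules file are constructed for illustration; on a real host the file arguments would be `/etc/sysconfig/iptables` and `/etc/sysconfig/ip6tables`.

```shell
#!/bin/sh
# Added example: audit and clean an iptables-save style rules file.
# The pattern matches any INPUT rule that ACCEPTs destination port 22, which
# covers the exact line quoted in the description plus reordered match options.
SSH_RULE_RE='^[[:space:]]*-A INPUT .*--dport 22 (.* )?-j ACCEPT[[:space:]]*$'

# Exit 0 if FILE still carries the SSH exception, 1 if it does not.
has_ssh_exception() {
    grep -Eq -e "$SSH_RULE_RE" "$1"
}

# Print FILE with the SSH exception removed; the original is not modified.
strip_ssh_exception() {
    grep -Ev -e "$SSH_RULE_RE" "$1"
}

# Write a constructed sample rules file (not taken from a real host) to $1.
make_sample() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Audit the sample, then show the line a cleaned copy would drop.
demo() {
    tmp=$(mktemp -d) || return 1
    make_sample "$tmp/iptables"
    if has_ssh_exception "$tmp/iptables"; then
        echo "FAIL: SSH exception present"
        strip_ssh_exception "$tmp/iptables" > "$tmp/iptables.new"
        diff "$tmp/iptables" "$tmp/iptables.new" || true
    else
        echo "PASS: no SSH exception"
    fi
    rm -rf "$tmp"
}

demo
```

The constructed port 2222 rule stays in the cleaned output, showing that the pattern does not match on a port-number prefix.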