Update Control “azure-networking-ssh-from-internet”
gceico committed Nov 1, 2022
1 parent 823de4d commit 55eb326
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion controls/azure-networking-ssh-from-internet.json
@@ -1,6 +1,6 @@
{
"name": "Ensure that SSH access is restricted from the internet",
"slug": "azure-networking-ssh-from-internet",
"slug": "networking-ssh-from-internet",
"remediationDescription": "#### Azure\nDisable direct SSH access to your Azure Virtual Machines from the Internet. After direct SSH access from the Internet is disabled, you have other options you can use to access these virtual machines for remote management:\n\n- Point-to-site VPN\n- Site-to-site VPN\n- ExpressRoute\n\nBy default, SSH access from the internet is not `enabled`.\n\n**References:**\n\n1. [Azure best practices for network security](https://docs.microsoft.com/en-us/azure/security/azure-security-network-security-best-practices#disable-rdpssh-access-to-azure-virtual-machines)\n2. [Security Control V2: Network Security](https://docs.microsoft.com/en-us/azure/security/benchmarks/security-controls-v2-network-security#ns-1-implement-security-for-internal-traffic)\n\n#### AWS\nCheck your EC2 security groups for inbound rules that allow unrestricted access (i.e. `0.0.0.0/0` or `::/0`) to `TCP` port `22`. Restrict access to only those IP addresses that require it, in order to implement the principle of least privilege and reduce the possibility of a breach.\n\n**References:**\n\n1. [Security groups: inbound and outbound rules](https://docs.aws.amazon.com/quicksight/latest/user/vpc-security-groups.html)\n\n#### Alibaba\nSimilar with Azure, you have to check your Elastic Compute Services (ECS) security groups for inbound rules that allow unrestricted access (i.e. `0.0.0.0/0` or `::/0`) to `TCP` port `22`.\n\n**References:**\n\n1. [Security groups for different use cases](https://www.alibabacloud.com/help/en/elastic-compute-service/latest/security-groups-for-different-use-cases)\n\n#### GCP\nMake sure that you don't have any Firewall Rule that allow unrestricted access (i.e. `0.0.0.0/0` or `::/0`) to `TCP` port `22` for any of your VPC Networks.\n\n**References:**\n\n1. [VPC firewall rules](https://cloud.google.com/vpc/docs/firewalls#best_practices_for_firewall_rules)",
"body": "The potential security problem with using SSH over the Internet is that attackers can use various brute force techniques to gain access to Virtual Machines. Once the attackers gain access, they can use a virtual machine as a launch point for compromising other machines on the Network or even attack networked devices outside of the Cloud.",
"severity": 3,
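Review bot: The slug is renamed from "azure-networking-ssh-from-internet" to "networking-ssh-from-internet" in the `-`/`+` pair, but the file is still `controls/azure-networking-ssh-from-internet.json` and the commit title still refers to the old name; if the slug is what other controls, dashboards or findings reference, every existing reference to the old slug now dangles, so either rename the file to match or add a note (here or in the commit message) stating that the old slug is intentionally retired. Dropping the `azure-` prefix is consistent with the `remediationDescription` context line, which already covers Azure, AWS, Alibaba and GCP, but that same line has a wording slip worth fixing in the same pass: the Alibaba paragraph opens with "Similar with Azure" while describing security-group inbound rules for `0.0.0.0/0` and `::/0` on TCP 22, which is the AWS guidance, not the Azure one, so "Similar to AWS" is what was meant. The Azure paragraph's "By default, SSH access from the internet is not `enabled`" also reads as if `enabled` were a setting name; plain "is not enabled" would be clearer.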
