Cybersecurity and Linux SSH Servers

Linux SSH Servers as Viable Targets

Charles Parker, II

Cybersecurity is such an interesting field. Just when you have the vulnerabilities figured out, the

environment changes. This dynamic feature keeps everything on a pivot.

One of the newer focal points for attacks are the Linux SSH servers. These are garnering more attention

lately. SSH is commonly used, which provides for a set of targets to try. The method for this attack is for

the bad actor to install port scanners and tools for dictionary attacks. With this in place, the

compromised servers would be used in attacks to compromise other servers. These would then be used

for cryptocurrency mining and DDoS attacks.

This shows the need to address SSH server vulnerabilities, update the versions, and monitor these.

Without the attentiveness, the vulnerabilities continue to be available to be exploited. The interesting

piece of this is the exploit isn’t a one-off. With the compromised servers infecting others, this becomes

exponential. Addressing this removes one more area attackers can test.

About the Author

Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.