Cybersecurity and Linux SSH Servers
Linux SSH Servers as Viable Targets
Charles Parker, II
Cybersecurity is such an interesting field. Just when you have the vulnerabilities figured out, the
environment changes. This dynamic feature keeps everything on a pivot.
One of the newer focal points for attacks are the Linux SSH servers. These are garnering more attention
lately. SSH is commonly used, which provides for a set of targets to try. The method for this attack is for
the bad actor to install port scanners and tools for dictionary attacks. With this in place, the
compromised servers would be used in attacks to compromise other servers. These would then be used
for cryptocurrency mining and DDoS attacks.
This shows the need to address SSH server vulnerabilities, update the versions, and monitor these.
Without the attentiveness, the vulnerabilities continue to be available to be exploited. The interesting
piece of this is the exploit isn’t a one-off. With the compromised servers infecting others, this becomes
exponential. Addressing this removes one more area attackers can test.
About the Author
Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.