Network security lists should not allow unrestricted inbound SSH access

Description

Security lists provide stateful and stateless filtering of ingress and egress network traffic to OCI resources at the subnet level. It is recommended that no security list allow unrestricted ingress access to TCP port 22 from 0.0.0.0/0 (IPv4) or ::/0 (IPv6). Removing unrestricted connectivity to remote console services, such as Secure Shell (SSH), reduces a server’s exposure to risk.

Remediation

Remove or modify ingress security rules that allow SSH access from 0.0.0.0/0 (IPv4) or ::/0 (IPv6). Instead, restrict SSH access to specific IP ranges or use VPN connections. For guidance on configuring network security lists, refer to the Updating Rules in a Security List section of the Oracle Cloud Infrastructure documentation.
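To find the rules that need this remediation, the following added example (not part of the original rule or of Oracle's tooling) checks the ingress rules of a security list for the condition described above. It assumes the hyphenated JSON layout printed by `oci network security-list get`; the function names and the sample rules are constructed for illustration.

```python
import ipaddress

SSH_PORT = 22

# Constructed sample in the assumed OCI CLI JSON layout (not real data).
SAMPLE = {"data": {"ingress-security-rules": [
    {"source": "0.0.0.0/0", "protocol": "6",
     "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}},
    {"source": "10.0.0.0/16", "protocol": "6",
     "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}},
    {"source": "::/0", "protocol": "6", "tcp-options": None},
    {"source": "0.0.0.0/0", "protocol": "6",
     "tcp-options": {"destination-port-range": {"min": 443, "max": 443}}},
    {"source": "0.0.0.0/0", "protocol": "all"},
    {"source": "0.0.0.0/0", "protocol": "6",
     "tcp-options": {"destination-port-range": {"min": 1, "max": 1024}}},
    {"source": "0.0.0.0/0", "protocol": "17", "udp-options": None},
]}}

def is_unrestricted(source):
    """True when the source CIDR matches every address (0.0.0.0/0 or ::/0)."""
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except (ValueError, TypeError):
        return False  # service labels and malformed values are not CIDRs

def rule_exposes_ssh(rule):
    """True when an ingress rule admits TCP/22 from any address."""
    if not is_unrestricted(rule.get("source")):
        return False
    proto = str(rule.get("protocol", "")).lower()
    if proto == "all":            # every protocol, so every TCP port
        return True
    if proto != "6":              # 6 is the IANA protocol number for TCP
        return False
    ports = (rule.get("tcp-options") or {}).get("destination-port-range")
    if not ports:                 # TCP rule without a port range: all ports
        return True
    return ports["min"] <= SSH_PORT <= ports["max"]

def find_open_ssh_rules(doc):
    """Return the indexes of ingress rules that violate the check."""
    sec_list = doc.get("data", doc)  # accept wrapped or bare objects
    rules = sec_list.get("ingress-security-rules") or []
    return [i for i, rule in enumerate(rules) if rule_exposes_ssh(rule)]

if __name__ == "__main__":
    for idx in find_open_ssh_rules(SAMPLE):
        print(f"ingress rule {idx} allows SSH from any address")
```

Rules that use protocol `all`, omit TCP options, or cover a port range containing 22 are reported along with the explicit 22-to-22 case, since each of them also leaves SSH reachable from any address.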