Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SSH Server Vulnerabilities

by Cesar Navas
February 16, 2016

Administrators and analysts routinely use SSH for remote administration within an organization. SSH server versions in an organization may not be the same, or may be outdated which creates potential vulnerabilities. This dashboard can assist analysts in identifying SSH servers and versions within an organization to assist in efforts to secure and harden the environment.

Secure Shell (SSH) provides a secure, command line interface for remote administration of UNIX based systems. Most UNIX based systems come with SSH installed by default when the system was built. Some organizations are using systems with SSH that are outdated, and have vulnerabilities that could compromise network assets. Using Nessus credentialed scans, analysts can detect current and outdated versions of SSH on systems, and alert to any potential vulnerabilities that could increase risk for an organization.

This dashboard can assist analysts in identifying SSH server versions within the organization. Once analysts identify the different versions of SSH installed on hosts, they can update vulnerable SSH servers and clients. SSH based attacks are still used by attackers to circumvent defenses to gain entrance into a network and/or move laterally. Hosts that use SSH include network and storage devices, which attackers can exploit depending on the use of SSH in the environment.

The components within this dashboard use several Nessus plugins that detect an SSH service in use, version, and vulnerabilities associated with SSH. This can help to identify systems that have outdated SSH versions such as 1.33 and 1.5, which typically have vulnerabilities associated with them. Detecting outdated versions of SSH can assist organizations in identifying hosts with exploitable vulnerabilities. Another component will help determine if SSH is installed, and the associated ports. Although most versions of SSH listen on TCP port 22, other versions can listen on non-standard ports such as port 16022.

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

  • Tenable.sc 4.8.2
  • Nessus 8.5.1

Tenable provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Our family of products includes Tenable.sc Continuous View (CV), Nessus, Nessus Network Monitor (NNM) and Log Correlation Engine (LCE). Tenable.sc CV provides the most comprehensive and integrated view of network health. Nessus is the global standard in detecting and assessing network data.

This dashboard contains the following components:

  • SSH Server - Miscellaneous: This matrix component displays the count of different versions of SSH detected within the organization
  • SSH Server - SSH Server 1.0 Supported Hosts: This table component displays the hosts detected in the organization supporting SSH protocol 1.x versions
  • SSH Server - Vulnerabilities: This bar chart component displays counts of the vulnerability severities relating to TCP port 22
  • SSH Server - Port Detection: This table component displays instances of network ports that are listening with the SSH protocol
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.