Port 22: SSH
Open SSH port detected on a publicly accessible host.
Severity: Critical | Port: 22

What is SSH?
SSH (Secure Shell) is a protocol for securely connecting to a remote computer's command line. It encrypts all traffic, making it far safer than older protocols like Telnet. System administrators use SSH to manage servers, deploy code, and transfer files.
Why this is a problem
While SSH itself is encrypted, exposing port 22 to the entire internet makes the server a target for brute-force attacks — automated tools that try thousands of username/password combinations per minute. If weak credentials are in use, attackers can gain full shell access to the machine.
What you should do
- Restrict SSH access to known IP addresses or VPN ranges using firewall rules or security groups
- Disable password authentication and require SSH key-based authentication only
- Use a non-standard port to reduce automated scanning noise
- Enable fail2ban or similar tools to block repeated failed login attempts
- Keep the SSH server software up to date
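
The checks above can be verified against the server's own configuration. The following is an added example, not part of the original page: a small auditor for `sshd_config` text that reports whether password logins are still possible and whether the default port is in use. The finding names and both sample configs are constructed for illustration; `Include` files are not followed and `Match` blocks are only flagged, not evaluated.

```python
# Added example: constructed sample configs, not taken from any real host.
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes"}
# Deprecated spelling that OpenSSH still accepts for the same option.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def parse_global(config_text):
    """Return (settings, ports, has_match) for the global section of sshd_config."""
    settings, ports, has_match = {}, [], False
    for raw in config_text.splitlines():
        fields = raw.strip().replace("=", " ", 1).split()
        if not fields or fields[0].startswith("#"):
            continue                          # blank line or comment
        key = ALIASES.get(fields[0].lower(), fields[0].lower())
        if key == "match":
            has_match = True                  # conditional overrides follow
            break
        if len(fields) < 2:
            continue
        value = fields[1].strip('"').lower()
        if key == "port":
            ports.append(value)               # Port may appear several times
        else:
            settings.setdefault(key, value)   # sshd keeps the FIRST value seen
    return {**DEFAULTS, **settings}, ports or ["22"], has_match

def audit(config_text):
    """List finding names (hypothetical labels) for the recommendations above."""
    settings, ports, has_match = parse_global(config_text)
    findings = []
    if settings["passwordauthentication"] != "no":
        findings.append("password-auth-enabled")
    if settings["kbdinteractiveauthentication"] != "no":
        # With PAM, keyboard-interactive can still prompt for a password.
        findings.append("keyboard-interactive-enabled")
    if "22" in ports:
        findings.append("default-port")
    if has_match:
        findings.append("match-blocks-need-manual-review")
    return findings

# Constructed: a later "no" does not override the earlier "yes".
WEAK = "#Port 22\nPasswordAuthentication yes\nUsePAM yes\nPasswordAuthentication no\n"
# Constructed: key-only logins on a non-standard port.
HARDENED = ("Port 2222\nPasswordAuthentication no\n"
            "ChallengeResponseAuthentication no\nPubkeyAuthentication yes\n")

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text) or "no findings")
```

On a live host, `sshd -T` prints the effective configuration with includes and defaults resolved, and its output can be fed to `audit()` in place of the file contents.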