安全中心中针对具有高风险入站端口规则的任何VM的建议 [英] Recommendations in Security Center for any VM that has risky Inbound port rules

问题描述

是否有任何安全中心建议标记对因特网开放的入站端口规则（如ssh等）可能会带来安全风险？ 

Is there any Security Center recommendation that flags Inbound port rules that are open to the Internet like ssh, etc., that may pose a security risk? 

I我正在通过安全中心进行梳理，也许我忽视了标记这一点的建议。

I'm combing through Security Center and perhaps I'm overlooking the recommendation that does flag this.

Thx

推荐答案

您好JuniorRW， 

Hi JuniorRW, 

您可以继续限制端口访问权限SSH通过NSG并允许特定IP访问SSH端口。 

You can go ahead and restrict the port access to SSH via NSG and allow specific IPs to access SSH port. 

编写脚本以修改NSG以允许您的公共IP地址连接到您的虚拟机，并再次发布工作阻止SSH访问。 

Write a script to modify your NSG to allow your Public IP address before connecting to your VM, and post your work block the SSH access again. 

示例脚本：  http：// www。 fhtino.it/blog/workaround-for-connecting-ssh-source-ip-protected-vm-from-azure-cloud-shell

Sample Script: http://www.fhtino.it/blog/workaround-for-connecting-ssh-source-ip-protected-vm-from-azure-cloud-shell

问候， 

Msrini

这篇关于安全中心中针对具有高风险入站端口规则的任何VM的建议的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！