Security researcher Eitan Caspi recently checked the gov.il subdomain for security issues and found open OpenSSH access on the Israeli government DNS server.
Using the online SSL checker developed by Qualys, Caspi analyzed the server's SSL configuration and eventually received a reply on port 22 from one of the checked IPs. Port 22 is used by SSH, a service that allows administrators to connect to Linux servers, and Caspi says the open access allows him to try to log in.
Caspi reported the discovery to the Israeli National Certification Center on the same day. Ten minutes later, he also managed to contact a veteran of the Israeli government’s information technology department and informed them of the details. According to Caspi, after a few hours the port was closed and the channel was blocked.
However, after further analysis, he found that the server used an old version of OpenSSH, one known to contain multiple vulnerabilities. The server is running OpenSSH 7.4p1, which was released in December 2016, so it has been around for more than three years. Since then, OpenSSH has released multiple versions and a series of fixes for various security issues, and these updated versions and fixes may not be installed on the server right now.
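An SSH server announces its software version in the identification string it sends on connect (RFC 4253, section 4.2), which is how a release such as OpenSSH 7.4p1 becomes visible to anyone who can reach port 22. The following is an added example, not part of the original article: a check an administrator could run over banners recorded from their own hosts to flag old releases. The baseline `MIN_OPENSSH`, the addresses and the banner lines are assumptions constructed for the example.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments"
BANNER_RE = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")
OPENSSH_RE = re.compile(r"^OpenSSH_(?P<major>\d+)\.(?P<minor>\d+)(?:p\d+)?")

# Assumed policy value for this example only; set it to your own patch baseline.
MIN_OPENSSH = (8, 0)


def parse_banner(line):
    """Return (proto, product, (major, minor) or None), or None if malformed."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    sw = OPENSSH_RE.match(m.group("software"))
    if not sw:
        return (m.group("proto"), m.group("software"), None)
    return (m.group("proto"), "OpenSSH", (int(sw.group("major")), int(sw.group("minor"))))


def audit(inventory, minimum=MIN_OPENSSH):
    """Return (host, reason) for every banner that needs a follow-up."""
    findings = []
    for host, banner in inventory:
        parsed = parse_banner(banner)
        if parsed is None:
            findings.append((host, "malformed banner"))
        elif parsed[2] is None:
            findings.append((host, "unrecognised software: " + parsed[1]))
        elif parsed[2] < minimum:
            findings.append((host, "OpenSSH %d.%d below baseline %d.%d" % (parsed[2] + minimum)))
    return findings


# Constructed inventory: documentation-range addresses (RFC 5737) and sample banners.
SAMPLE = [
    ("192.0.2.10", "SSH-2.0-OpenSSH_7.4p1\r\n"),
    ("192.0.2.11", "SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2\r\n"),
    ("192.0.2.12", "SSH-2.0-dropbear_2022.83\r\n"),
    ("192.0.2.13", "HTTP/1.1 400 Bad Request\r\n"),
]

if __name__ == "__main__":
    for host, reason in audit(SAMPLE):
        print(host, reason)
```

A banner below the baseline is a prompt to check the installed package, since distributions often backport security fixes without changing the upstream version string.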