Threat Scenarios
Scenario 1 – Unauthorized Remote Access
Target: VPS administrative interface
Vector: Weak authentication or misconfiguration
Impact: Service takeover
Mitigation:
- Hardened SSH configuration
- Key-based authentication
- Bastion-based access
Scenario 2 – Lateral Movement from Compromised Service
Target: Internal network
Vector: Compromised public service
Impact: Internal infrastructure compromise
Mitigation:
- Network segmentation
- Trust boundary enforcement