By default, inbound connections to SSH's port are allowed. If the SSH
server is not being used, this exception should be removed from the
firewall configuration.
Edit the files /etc/sysconfig/iptables and
/etc/sysconfig/ip6tables (if IPv6 is in use). In each file, locate
and delete the line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
This is unusual, as SSH is a common method for encrypted and authenticated
remote access.