Why is port 22 open by default?
Derrick Ryalls
ryallsd at datasphereweb.com
Thu May 8 00:04:06 PDT 2003
> On Wednesday 07 May 2003 20:03, Brad Lisoweski wrote:
> > Would you rather have telnet open?
> >
> > IMHO, SSH is secure, and is fine to be open by default. If you are
> > paranoid, compile ipfilter or ipfw into your kernel and
> block access
> > to port 22.
>
> Thanks for your reply.
>
> I run a shell server, so I need SSH.
> I'm still relatively new to all this, so I figured if it is
> open by default,
> it must be secure.
> Before I thought that easily exploitable holes are regularly
> discovered in
> SSH.
>
I too am a security freak, so I limit what ips can ssh to my machines.
Read the man pages for your firewall, or do it the really simple way and
use /etc/hosts.allow:
sshd : 192.168.1. : allow
sshd : trusted.com : allow
sshd : all : deny
More information about the freebsd-questions
mailing list