IP Banning (Using IPFW)
Atis
atissita at btv.lv
Mon Feb 6 14:37:26 PST 2006
On Sun, 5 Feb 2006 18:55:13 -0500
David Scheidt <dscheidt at panix.com> wrote:
>
> Nonsense. There may be some people that only scan well-known ports,
> but it's much more common to scan every port on a machine. If you're
> running a server on a non-standard port, an attacker will find it.
>
sure, but 99% of the time the machines attacking your server are zombies
that do not care to do a full portscan. i suppose the purpose is to
find other misconfigured, easy-to-hack computers on the network. by
putting your services on non-standard ports you get rid of these
mindless drones and don't pollute log files with useless garbage.
now if somebody _does_ actually target your server in particular then
this is definitely not the solution.
anywayz, putting things on non-standard ports helps a lot, and is
one of the first and easiest security measures an administrator
may consider.
Atis
More information about the freebsd-questions
mailing list