SSH through port forwarding

Chad Perrin perrin at apotheon.com
Fri Dec 28 09:17:37 PST 2007


On Tue, Dec 18, 2007 at 05:44:11AM -0500, Gerard Seibert wrote:
> > On December 18, 2007 at 12:47AM sham khalil wrote:
> > 
> > Once you open port 22 to a public IP, you'll get people trying to
> > brute-force your machine.
> > If you don't want that, set sshd to listen on a higher number like 5522,
> > then forward port 5522 from the router to the internal machines.
> > 
> > Unfortunately, for the WRT54G, you can't forward port 5522 to 22 for an
> > internal machine.
> 
> Security through obscurity is a poor substitute for security. Port scanners
> will eventually find that port also.

One needs something else for security against brute-force attempts, but
changing the port number does help cut down on the amount of bandwidth
consumption on the LAN side of your router by allowing the router to
ignore/deny all incoming traffic on port 22.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Marvin Minsky: "It's just incredible that a trillion-synapse computer could
actually spend Saturday afternoon watching a football game."


More information about the freebsd-questions mailing list