Breakin attempt
Robert Bonomi
bonomi at mail.r-bonomi.com
Sat Oct 22 15:23:39 UTC 2011
> Date: Sat, 22 Oct 2011 16:12:42 +0200
> From: Polytropon <freebsd at edvax.de>
> Subject: Re: Breakin attempt
>
> On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote:
> > I suspect that these sorts of attacks are fairly normal if you're
> > running ssh on the standard port. I used to have lots of 'break-in
> > attempts' before I moved the ssh server to a different port.
>
> Is there _any_ reason why moving from port 22 to something
> different is _not_ a solution?
>
> Reason why I'm asking: Moving SSH away from its default port
> seems to be a relatively good solution as break-in attempts
> concentrate on default ports. So in case a sysadmin decides
> to move SSH to a "hidden" location, what could be an argument
> against this decision?
Arguements aginst doing so are generally based on the "'security by
obscurity' is not security" concept.
That argument _is_ 'technically accurate'. <grin>
Moving sshd to a non-standard port does _not_ do anything to make the
system any more secure.
Of course, as long as one understands that that _is_ the case, and
is doing it for 'some other' defensible reason -- such as to eliminate
logfile 'noise' from script-kiddie 'doorknob rattlers' -- doing so
*is* perfectly reasonable.
*I* do it on _my_ machines, expressly for the reason stated in the prior
paragraph.
More information about the freebsd-questions
mailing list