Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.development.apps > #281
| Date | 2011-12-01 13:11 +0100 |
|---|---|
| From | David Brown <david@westcontrol.removethisbit.com> |
| Newsgroups | comp.os.linux.development.apps |
| Subject | Re: Security problem |
| References | <j3jrp5$534$1@speranza.aioe.org> <cd90j8-mnq.ln1@crazy-horse.bildanet.com> <5LadnfB9uvXse_3TnZ2dnUVZ7oGdnZ2d@lyse.net> <jb7kle$7it$1@dont-email.me> |
| Message-ID | <ZP6dnXFAC4ua8krTnZ2dnUVZ8h6dnZ2d@lyse.net> (permalink) |
On 01/12/2011 11:24, Noob wrote: > David Brown wrote: > >> The easiest and most effective step to limiting dictionary attacks is >> simply to use a non-standard port. Put your sshd on port 222 instead of >> 22, and no attacker will ever find it. > > Famous last words. > > Meet nmap. Worms and script kiddies go for standard ports, using common login names and passwords, on large ranges of IP addresses. If an IP address doesn't have an sshd on port 22, they find a different address that does. Why waste time on a system that is harder to break into when there are so many others around? People making specific attacks will use nmap and port scanners on non-standard ports. So if you are a likely target for attacks, then it will only delay the attack. Of course you don't put sshd on port 222 and then put your root password as "secret". But as part of a security strategy it is excellent for cutting out virtually all drive-by attacks, and reducing the noise in your logs.
Back to comp.os.linux.development.apps | Previous | Next — Previous in thread | Next in thread | Find similar
Security problem jacob navia <jacob@spamsink.net> - 2011-08-31 01:29 +0200
Re: Security problem GangGreene <GangGreene@invalid.com> - 2011-08-30 19:47 -0400
Re: Security problem jacob navia <jacob@spamsink.net> - 2011-08-31 02:20 +0200
Re: Security problem David Brown <david@westcontrol.removethisbit.com> - 2011-09-02 16:19 +0200
Re: Security problem Noob <root@127.0.0.1> - 2011-12-01 11:24 +0100
Re: Security problem David Brown <david@westcontrol.removethisbit.com> - 2011-12-01 13:11 +0100
Re: Security problem Rainer Weikusat <rweikusat@mssgmbh.com> - 2011-12-01 13:34 +0000
Re: Security problem David Brown <david@westcontrol.removethisbit.com> - 2011-12-01 16:19 +0100
Re: Security problem Rainer Weikusat <rweikusat@mssgmbh.com> - 2011-12-01 17:10 +0000
Re: Security problem David Brown <david.brown@removethis.hesbynett.no> - 2011-12-01 23:17 +0100
Re: Security problem Rainer Weikusat <rweikusat@mssgmbh.com> - 2011-12-01 22:34 +0000
Re: Security problem David Brown <david@westcontrol.removethisbit.com> - 2011-12-02 10:25 +0100
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-12-02 10:37 +0000
Re: Security problem Rainer Weikusat <rweikusat@mssgmbh.com> - 2011-12-02 14:44 +0000
Re: Security problem David Brown <david@westcontrol.removethisbit.com> - 2011-12-02 17:11 +0100
Re: Security problem André Gillibert <MetaEntropy.removeThis@gmail.com> - 2011-12-03 11:45 +0100
Re: Security problem Noob <root@127.0.0.1> - 2011-12-05 13:26 +0100
Re: Security problem Carlos Moreno <moreno_news@mailinator.com> - 2011-09-01 11:47 -0400
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-09-01 17:01 +0100
Re: Security problem Carlos Moreno <moreno_news@mailinator.com> - 2011-09-01 15:48 -0400
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-09-01 22:44 +0100
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-09-02 14:27 +0100
Re: Security problem Jasen Betts <jasen@xnet.co.nz> - 2011-09-02 11:06 +0000
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-09-02 13:49 +0100
Re: Security problem Carlos Moreno <moreno_news@mailinator.com> - 2011-09-02 13:58 -0400
Re: Security problem Richard Kettlewell <rjk@greenend.org.uk> - 2011-09-02 19:31 +0100
Re: Security problem "Ersek, Laszlo" <lacos@caesar.elte.hu> - 2011-09-01 21:01 +0200
csiph-web