Onpening and Closing ports
Gerard Seibert
gerard at seibercom.net
Mon Feb 12 21:51:56 UTC 2007
On Monday February 12, 2007 at 04:27:53 (PM) Chuck Swiger wrote:
> On Feb 10, 2007, at 11:37 PM, Dave Carrera wrote:
> > Had a little nasty person trying to break my sshd on port 22.
> >
> > I need to change and open a new port for sshd but i do not know how.
> >
> > Can one of you kind people help me with this please
>
> If you use good passwords, the SSH dictionary attacks are not a great
> concern. However, you can pass sshd the "-p 2222" flag to change the
> port from the default of 22 to (for example) 2222. To make this
> change permanent, add:
>
> sshd_flags="-p 2222"
>
> ..to /etc/rc.conf.
Why not just use SSH certificates and forget about worrying about
password attacks. The OP could also limit the addresses that could logon
as well as the actual users. Combined, that would secure a sever far
better than the "Security Through Obscurity" approach.
Just my 2¢.
--
Gerard
"I choose to ignore, of course, the fact that self-Googling
is perhaps the most narcissistic thing a person can do that doesn't
involve actually humping a mirror."
Dan Kois
More information about the freebsd-questions
mailing list