openssh concerns
Micheas Herman
m at micheas.net
Mon Oct 5 20:26:42 UTC 2009
On Mon, 2009-10-05 at 12:46 -0600, Lyndon Nerenberg - VE6BBM/VE7TFX
wrote:
> > Granted, if somebody is not specifically targeting you and is just scanning
> > ranges to find sshd on 22 they will pass you right up since that port will
> > be closed.
>
> The port change was intended only to avoid the port scanners.
And when you get notices in your logs, you can respond, as you
know you are being targeted and can take appropriate responses.
The biggest reason I can see for running ssh on an non-standard
port is increasing the signal to noise ratio in the logs.
If you can investigate every failed ssh login, you should be
safer than if you ignore 40,000 failed logins a day.
Just my experience, but of course being able to effortlessly
investigate 40,000 failed logins would probably be a better
situation.
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
--
Things past redress and now with me past care.
-- William Shakespeare, "Richard II"
More information about the freebsd-security
mailing list