tightening ssh

[James Wilkinson]

Claude Jones wrote:
> You and Leonard are confirming some things I've concluded, but, it reminds me 
> of a second question I haven't really found an answer to. What port? Is it 
> best to choose a high port, or pick one in the below 1024 range? 

*Probably* choosing a high port. There are enough services running in
the low IP range that it's worth scanning them. Once the SSH daemon has
been scanned, an attacker will know that port is open, and a simple
telnet connection will tell a potential attacker that it's a SSH daemon.

It takes long enough to scan the entire IP range that it's significantly
less common. So you're somewhat less likely to be scanned.

James.
-- 
E-mail address: james | You know you've been computing too long when you see a
@westexe.demon.co.uk  | BBC News headline "MS damage repair mechanism found",
                      | and wonder why that's news. Then you wonder why it's
                      | listed under Health...