Security basics
Patrick
flymooney at gmail.com
Thu Oct 4 01:43:33 UTC 2007
Steve Siegfried wrote:
> Changing ports for ssh isn't actually that hot of an idea. Most port scanners
> can detect ssh implementations since they normally self-identify. For example,
> if you're running ssh on the normal port (22), try executing:
> /usr/bin/telnet YOUR.HOST.IP.ADDR 22
> and see what pops out.
>
> Hope this helps'idly,
>
> -S
Changing SSH ports on my server yielded a 100% drop (yes...100%) in
routine script attacks. I still have the usual people checking for
phpMyAdmin stuff as well as the others, but nothing comes through on SSH
now. And yes, when I did it I heard the whole "security through
obscurity is not security" BS but the results cannot be argued with. In
summation, CHANGE YOUR SSH PORT. It will work and cut down if not
eliminate the script kiddies. Then when someone really starts knocking
on your SSH door, it will not be lost in all of the "noise" from the
scripters.
Patrick
More information about the users
mailing list