Mailing Lists: Apple Mailing Lists


Re: Is port 22 safe for SSH through firewall?



On 3/14/07 12:16, "Dave Schroeder" <email@hidden> wrote:

>>> a) SSH scans/probes are very common right now.  Accounts with very bad
>>> passwords may get compromised by these worms.  Moving to a non-standard
>>> port would circumvent this.
>> 
>> Not really. You just disguised the port but any smart attacker will
>> notice the service running on another port and switch to targeting
>> that.
> 
> ...
> 
> No, they won't.* You know that almost all (and probably literally all
> that this person would encounter in practice) ssh password guessing
> attacks are against port 22. Now if someone is targeting *that host,
> specifically*, then yes, they may target ssh on its non-standard
> port. But nearly, and probably, all scripts and bots out there doing
> this will try port 22, and upon not finding it there, will assume the
> machine isn't running ssh. Period. Moving ssh to another port, if
> someone is so inclined (and no I don't do or recommend this myself;
> we use other controls) is a perfectly legitimate measure.

stroke <address> 1 32000 says moving the port is a minor inconvenience
unless you're dealing with an idiot. All you do is keep beating on every
open port with ssh login attempts until you get something appropriate in
response and then beat THAT port like a baby seal.

You would try 22 *first*, but there's nothing particularly hard about
checking other ports. Tedious, but not hard.

-- 
John C. Welch         Writer/Analyst
Bynkii.com              Mac and other opinions
email@hidden


Macos-x-server mailing list      (email@hidden)