[clug] Starting k/ubuntu - Debian
csmall at enc.com.au
Tue May 15 00:06:38 GMT 2007
On Tue, May 15, 2007 at 09:35:34AM +1000, Michael Cohen wrote:
> Moving the port is a PITA for people trying to use it, and it doesnt really do
> that much to enhance your secuirity because a simple port scan will find it. If
> you want to make your daemon invisible to unauthorised users use port knocking.
It depends on the number of people trying to access the server and how
many clients they do it from. Yes it won't stop someone determined
who is specifically targeting you from finding it, but the vast majority
of people hitting a server are not that. They are the ones that download
the last worm program and start it and those type of programs do not
generally wander off from the usual known ports.
I did it to stop the password guessing programs, not because I thought
they would figure it out but it was damn annoying having my logs fill up
with bad username/password combinations. Now if I see sshd complaining,
I know it is something worth looking into more.
Moving the port stopped that whole password guessing automation thing
dead. All for one line in one file on the server and about 2 or 3 on the
Craig Small GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/ csmall at : enc.com.au
http://www.debian.org/ Debian GNU/Linux, software should be Free
More information about the linux