[vox-tech] Why change default ssh port?

Ryan cjg5ehir02 at sneakemail.com
Fri Jun 16 16:24:18 PDT 2006


On Monday 12 June 2006 12:27 pm, Rick Moen rick-at-linuxmafia.com |lugod| 
wrote:
> Quoting Micah J. Cowan (micah at cowan.name):
> > This seems a /bit/ harsh. And MB does make a valid point that the ROI on
> > simply shifting the ports is somewhat impressive.
>
> "Return" in this context, on a properly maintained and administered
> system, means "reduce from near-zero to near-zero".
>
> Of course, many people in practice measure "return" by "number of lines
> per logcheck report to obsess over, because I'm really new to this
> security thing and worry a lot".

I run SSH on a port that is not 22 as well, for the simple reason that I do 
not want to see the infernal bot probings show up in my log files on boxes 
that I cannot firewall to only allow access from specific networks.  And it 
will prevent wide scale untargeted automated attacks.  Certainly it is no 
substitute for patching and proper configuring of SSH, but IMHO it is worth 
doing, as long as you keep in mind that if there's an exploit in SSHd it's 
not a fix, and at most will prevent the dumber script kiddies from owning 
your box.

-- 
Ryan Castellucci - http://ryanc.org/
GPG Key: http://ryanc.org/files/publickey.asc

