From owner-freebsd-questions@FreeBSD.ORG Sat Oct 22 17:14:54 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9B163106567C for ; Sat, 22 Oct 2011 17:14:54 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from asbnvacz-mailrelay01.megapath.net (asbnvacz-mailrelay01.megapath.net [207.145.128.243]) by mx1.freebsd.org (Postfix) with ESMTP id 68E9C8FC21 for ; Sat, 22 Oct 2011 17:14:54 +0000 (UTC) Received: from mail5.sea5.speakeasy.net (mail5.sea5.speakeasy.net [69.17.117.49]) by asbnvacz-mailrelay01.megapath.net (Postfix) with ESMTP id A4828A70346 for ; Sat, 22 Oct 2011 13:14:53 -0400 (EDT) Received: (qmail 24812 invoked from network); 22 Oct 2011 17:14:52 -0000 Received: by simscan 1.4.0 ppid: 25491, pid: 17511, t: 0.1590s scanners: clamav: 0.88.2/m:52/d:10739 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail5.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 22 Oct 2011 17:14:52 -0000 Received: from lowell-desk.lan (lowell-desk.lan [172.30.250.8]) by be-well.ilk.org (Postfix) with ESMTP id 13ED62E0DA; Sat, 22 Oct 2011 13:14:46 -0400 (EDT) Received: by lowell-desk.lan (Postfix, from userid 1147) id 3BB293983C; Sat, 22 Oct 2011 13:14:46 -0400 (EDT) From: Lowell Gilbert To: freebsd-questions@freebsd.org References: <000001cc90c0$a0c16050$e24420f0$@org> <4EA2CE72.5030202@cran.org.uk> <20111022161242.11803f76.freebsd@edvax.de> <444nz17xz4.fsf@lowell-desk.lan> Date: Sat, 22 Oct 2011 13:14:46 -0400 In-Reply-To: <444nz17xz4.fsf@lowell-desk.lan> (Lowell Gilbert's message of "Sat, 22 Oct 2011 13:11:27 -0400") Message-ID: <44zkgt6j95.fsf@lowell-desk.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Polytropon Subject: Re: Breakin attempt X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2011 17:14:54 -0000 Lowell Gilbert writes: > Polytropon writes: > >> On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote: >>> I suspect that these sorts of attacks are fairly normal if you're >>> running ssh on the standard port. I used to have lots of 'break-in >>> attempts' before I moved the ssh server to a different port. >> >> Is there _any_ reason why moving from port 22 to something >> different is _not_ a solution? >> >> Reason why I'm asking: Moving SSH away from its default port >> seems to be a relatively good solution as break-in attempts >> concentrate on default ports. So in case a sysadmin decides >> to move SSH to a "hidden" location, what could be an argument >> against this decision? > > Connecting from behind other people's paranoid firewalls gets difficult > on other ports. And, yes, I realize this isn't a problem for most people, but I'm pretty sure I'm not the only one who runs into it, either.