From owner-freebsd-questions@FreeBSD.ORG Mon Sep 8 02:20:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DE27D106566B for ; Mon, 8 Sep 2008 02:20:14 +0000 (UTC) (envelope-from joeb@a1poweruser.com) Received: from mail-03.name-services.com (mail-03.name-services.com [69.64.155.195]) by mx1.freebsd.org (Postfix) with ESMTP id C95CE8FC13 for ; Mon, 8 Sep 2008 02:20:14 +0000 (UTC) (envelope-from joeb@a1poweruser.com) Received: from laptop ([202.69.173.26]) by mail-03.name-services.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 7 Sep 2008 19:19:42 -0700 From: "joeb" To: Date: Mon, 8 Sep 2008 10:20:17 +0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <20080907204459.GB40687@shepherd> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512 X-OriginalArrivalTime: 08 Sep 2008 02:19:42.0285 (UTC) FILETIME=[5A612FD0:01C91159] Cc: FBSD1 Subject: RE: ssh X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: joeb@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2008 02:20:14 -0000 In FreeBSD 6.2 and older the port SSH listened on was controlled by /etc/services. Now in 7.0 SSH no longer looks at /etc/services to find out what port to listen on. Is this by design or error in the move to a newer release of SSH? When it comes to security through obscurity don't be so fast to shoot it down. On my system port 22 was receiving over 700 scans or login attempts a day. Changing the SSH to use xx22 port stopped all the high school and college script kiddies cold. Now I only get maybe 5 hits on my xx22 port every 3 months. In my book I would say 'security through obscurity' is a very simple first step solution that gives great results. But it will not stop the perpetrator who targets your IP addresses on purpose for some unknown reason. Then your SOL.