From owner-freebsd-security@FreeBSD.ORG  Mon Oct  5 18:03:51 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7A890106568B
	for <freebsd-security@freebsd.org>;
	Mon,  5 Oct 2009 18:03:51 +0000 (UTC)
	(envelope-from lyndon@yyc.orthanc.ca)
Received: from orthanc.ca (ve6bbm-1-pt.tunnel.tserv13.ash1.ipv6.he.net
	[IPv6:2001:470:7:139::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 2FBB28FC17
	for <freebsd-security@freebsd.org>;
	Mon,  5 Oct 2009 18:03:50 +0000 (UTC)
Received: from orthanc.ca (localhost [127.0.0.1])
	by orthanc.ca (8.14.3/8.14.3) with ESMTP id n95I3nbH040786
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-security@freebsd.org>; Mon, 5 Oct 2009 12:03:49 -0600 (MDT)
	(envelope-from lyndon@yyc.orthanc.ca)
Received: (from uucp@localhost)
	by orthanc.ca (8.14.3/8.14.3/Submit) with UUCP id n95I3nNK040785
	for freebsd-security@freebsd.org; Mon, 5 Oct 2009 12:03:49 -0600 (MDT)
	(envelope-from lyndon@yyc.orthanc.ca)
Received: from yyc.orthanc.ca (neo.yyc.orthanc.ca [192.168.0.10])
	by legolas.yyc.orthanc.ca (8.14.3/8.14.3) with ESMTP id n95I3ihj011466
	for <freebsd-security@freebsd.org>; Mon, 5 Oct 2009 12:03:44 -0600 (MDT)
	(envelope-from lyndon@yyc.orthanc.ca)
Message-ID: <f2f79c6b5c482a9ad826c2f53d206dec@yyc.orthanc.ca>
To: freebsd-security@freebsd.org
From: Lyndon Nerenberg - VE6BBM/VE7TFX  <lyndon@orthanc.ca>
Organization: The Frobozz Magic Homing Pigeon Company
Date: Mon, 5 Oct 2009 12:03:44 -0600
In-Reply-To: <C71A2370-DF5D-4C73-9321-7AA95B4844D5@danielbond.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: openssh concerns
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2009 18:03:51 -0000

> Personally I tend to either firewall the OpenSSH daemon, or leave it  
> wide open. I don't really see the point in changing ports, as long as  
> they are still publicly available.

The ssh bots only seem to probe port 22.  In well over a year of
running my ssh servers on a different (very low numbered) port I
haven't logged a single probe (across about a dozen highly visible
servers).

--lyndon