Date:      Mon, 05 Oct 2009 13:02:46 -0700
From:      Micheas Herman <m@micheas.net>
To:        freebsd-security@freebsd.org
Subject:   Re: openssh concerns
Message-ID:  <1254772966.30618.1405.camel@vcampaign>
In-Reply-To: <7f1779bf9fa52b6cbf7a8384883232a6@yyc.orthanc.ca>
References:  <7f1779bf9fa52b6cbf7a8384883232a6@yyc.orthanc.ca>

On Mon, 2009-10-05 at 12:46 -0600, Lyndon Nerenberg - VE6BBM/VE7TFX
wrote:
> > Granted, if somebody is not specifically targeting you and is just scanning
> > ranges to find sshd on 22 they will pass you right up since that port will
> > be closed.
> 
> The port change was intended only to avoid the port scanners.


        And when you get notices in your logs, you can respond, as you
        know you are being targeted and can take appropriate responses.
        
        The biggest reason I can see for running ssh on a non-standard
        port is increasing the signal to noise ratio in the logs.
        
        If you can investigate every failed ssh login, you should be
        safer than if you ignore 40,000 failed logins a day.
        
        Just my experience, but of course being able to effortlessly
        investigate 40,000 failed logins would probably be a better
        situation.
        
        


-- 
Things past redress and now with me past care.
		-- William Shakespeare, "Richard II"
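
Added example, not part of the original message: a sketch of the per-login triage the message argues for, grouping failed sshd logins by source address so the few that name a real account stand out from scanner guesses. The log lines are constructed in OpenSSH's syslog format, and the `triage` and `priority` helpers and the rule that failures against `root` count as noise are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample (RFC 5737 documentation addresses, made-up account "alice").
SAMPLE_LOG = """\
Oct  5 12:01:02 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Oct  5 12:01:05 host sshd[1203]: Failed password for invalid user test from 203.0.113.5 port 51240 ssh2
Oct  5 12:01:09 host sshd[1207]: Failed password for root from 203.0.113.5 port 51251 ssh2
Oct  5 12:40:17 host sshd[1388]: Failed password for alice from 198.51.100.7 port 40022 ssh2
Oct  5 12:40:31 host sshd[1388]: Accepted publickey for alice from 198.51.100.7 port 40022 ssh2
Oct  5 13:02:46 host sshd[1502]: Failed password for alice from 192.0.2.44 port 33810 ssh2
"""

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted \S+ for \S+ from (\S+) port \d+")

def triage(log_text):
    """Summarise failed logins per source address."""
    sources = defaultdict(lambda: {"failures": 0, "valid_users": set(),
                                   "invalid_users": set(), "later_success": False})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            entry = sources[m.group(3)]
            entry["failures"] += 1
            # sshd writes "invalid user" when the account does not exist locally.
            entry["invalid_users" if m.group(1) else "valid_users"].add(m.group(2))
            continue
        m = ACCEPTED.search(line)
        if m and m.group(1) in sources:
            sources[m.group(1)]["later_success"] = True
    return dict(sources)

def priority(entry):
    """Rank a source; the ordering is this example's assumption, not a standard."""
    if entry["later_success"]:
        return "verify login"    # a login followed failures: confirm with the account owner
    if entry["valid_users"] - {"root"}:
        return "investigate"     # someone knows a real, non-default account name
    return "scanner noise"       # only guessed names and root

if __name__ == "__main__":
    for src, entry in sorted(triage(SAMPLE_LOG).items()):
        print(f"{src:15} {entry['failures']:3} failures  {priority(entry)}")
```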