From owner-freebsd-questions@FreeBSD.ORG Sat Oct 22 14:12:45 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DAEE91065674 for ; Sat, 22 Oct 2011 14:12:45 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) by mx1.freebsd.org (Postfix) with ESMTP id A042F8FC0C for ; Sat, 22 Oct 2011 14:12:45 +0000 (UTC) Received: from r56.edvax.de (port-92-195-104-16.dynamic.qsc.de [92.195.104.16]) by mx01.qsc.de (Postfix) with ESMTP id 2DACE3D26C; Sat, 22 Oct 2011 16:12:43 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id p9MECgaQ002582; Sat, 22 Oct 2011 16:12:42 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sat, 22 Oct 2011 16:12:42 +0200 From: Polytropon To: Bruce Cran Message-Id: <20111022161242.11803f76.freebsd@edvax.de> In-Reply-To: <4EA2CE72.5030202@cran.org.uk> References: <000001cc90c0$a0c16050$e24420f0$@org> <4EA2CE72.5030202@cran.org.uk> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Breakin attempt X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2011 14:12:45 -0000 On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote: > I suspect that these sorts of attacks are fairly normal if you're > running ssh on the standard port. I used to have lots of 'break-in > attempts' before I moved the ssh server to a different port. Is there _any_ reason why moving from port 22 to something different is _not_ a solution? Reason why I'm asking: Moving SSH away from its default port seems to be a relatively good solution as break-in attempts concentrate on default ports. So in case a sysadmin decides to move SSH to a "hidden" location, what could be an argument against this decision? -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...