Date: Sat, 22 Oct 2011 10:34:19 -0600 From: Chad Perrin <perrin@apotheon.com> To: freebsd-questions@freebsd.org Subject: Re: Breakin attempt Message-ID: <20111022163419.GB20964@guilt.hydra> In-Reply-To: <201110221523.p9MFNNjZ019344@mail.r-bonomi.com> References: <20111022161242.11803f76.freebsd@edvax.de> <201110221523.p9MFNNjZ019344@mail.r-bonomi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--dc+cDN39EJAMEtIO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 22, 2011 at 10:23:23AM -0500, Robert Bonomi wrote: >=20 > Arguements aginst doing so are generally based on the "'security by > obscurity' is not security" concept. >=20 > That argument _is_ 'technically accurate'. <grin> >=20 > Moving sshd to a non-standard port does _not_ do anything to make the=20 > system any more secure. >=20 > Of course, as long as one understands that that _is_ the case, and > is doing it for 'some other' defensible reason -- such as to eliminate > logfile 'noise' from script-kiddie 'doorknob rattlers' -- doing so > *is* perfectly reasonable. >=20 > *I* do it on _my_ machines, expressly for the reason stated in the prior > paragraph. I should have finished reading the thread before sending my own reply on a different branch of the discussion. This is (stated differently) pretty much exactly the message I meant to convey. --=20 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] --dc+cDN39EJAMEtIO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAk6i8IsACgkQ9mn/Pj01uKVu2wCffAz4RsZEFlHMkPqG6u1zZgGl tkQAoKTX/7qlc9RviMOtlemPEFM2GDqU =nZpD -----END PGP SIGNATURE----- --dc+cDN39EJAMEtIO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111022163419.GB20964>