From owner-freebsd-questions@FreeBSD.ORG Sat Oct 22 16:35:56 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C67CB1065673 for ; Sat, 22 Oct 2011 16:35:56 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from oproxy8-pub.bluehost.com (oproxy8.bluehost.com [IPv6:2605:dc00:100:2::a8]) by mx1.freebsd.org (Postfix) with SMTP id 880B28FC08 for ; Sat, 22 Oct 2011 16:35:56 +0000 (UTC) Received: (qmail 8982 invoked by uid 0); 22 Oct 2011 16:35:56 -0000 Received: from unknown (HELO box543.bluehost.com) (74.220.219.143) by oproxy8.bluehost.com with SMTP; 22 Oct 2011 16:35:56 -0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=apotheon.com; s=default; h=In-Reply-To:Content-Type:Mime-Version:References:Message-ID:Subject:To:From:Date; bh=J6JfpbDmOiOttmbE3CldmE2Sh+BOuIOGqwjR0+GaGiE=; b=l/HhsSMBsMCFay+0tuS5hDA9oqN0Aiz2pkTkT25IYG3DYlcaBTHPTHTESTDqEJdYxlCx8l7i9u8tOgAo6ApQBw7tek+eMMTk60Ddiy7/HnQosIngSTKsxS7Hj0SZrY58; Received: from c-24-8-180-234.hsd1.co.comcast.net ([24.8.180.234] helo=kukaburra.hydra) by box543.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.76) (envelope-from ) id 1RHeY7-0000Mk-52 for freebsd-questions@freebsd.org; Sat, 22 Oct 2011 10:35:56 -0600 Received: by kukaburra.hydra (sSMTP sendmail emulation); Sat, 22 Oct 2011 10:34:19 -0600 Date: Sat, 22 Oct 2011 10:34:19 -0600 From: Chad Perrin To: freebsd-questions@freebsd.org Message-ID: <20111022163419.GB20964@guilt.hydra> Mail-Followup-To: freebsd-questions@freebsd.org References: <20111022161242.11803f76.freebsd@edvax.de> <201110221523.p9MFNNjZ019344@mail.r-bonomi.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dc+cDN39EJAMEtIO" Content-Disposition: inline In-Reply-To: <201110221523.p9MFNNjZ019344@mail.r-bonomi.com> User-Agent: Mutt/1.4.2.3i X-Identified-User: {2737:box543.bluehost.com:apotheon:apotheon.org} {sentby:smtp auth 24.8.180.234 authed with ren@apotheon.org} Subject: Re: Breakin attempt X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2011 16:35:56 -0000 --dc+cDN39EJAMEtIO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 22, 2011 at 10:23:23AM -0500, Robert Bonomi wrote: >=20 > Arguements aginst doing so are generally based on the "'security by > obscurity' is not security" concept. >=20 > That argument _is_ 'technically accurate'. >=20 > Moving sshd to a non-standard port does _not_ do anything to make the=20 > system any more secure. >=20 > Of course, as long as one understands that that _is_ the case, and > is doing it for 'some other' defensible reason -- such as to eliminate > logfile 'noise' from script-kiddie 'doorknob rattlers' -- doing so > *is* perfectly reasonable. >=20 > *I* do it on _my_ machines, expressly for the reason stated in the prior > paragraph. I should have finished reading the thread before sending my own reply on a different branch of the discussion. This is (stated differently) pretty much exactly the message I meant to convey. --=20 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] --dc+cDN39EJAMEtIO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAk6i8IsACgkQ9mn/Pj01uKVu2wCffAz4RsZEFlHMkPqG6u1zZgGl tkQAoKTX/7qlc9RviMOtlemPEFM2GDqU =nZpD -----END PGP SIGNATURE----- --dc+cDN39EJAMEtIO--