From owner-freebsd-questions@FreeBSD.ORG Sat Oct 22 17:11:36 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D962E106564A for ; Sat, 22 Oct 2011 17:11:36 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from asbnvacz-mailrelay01.megapath.net (asbnvacz-mailrelay01.megapath.net [207.145.128.243]) by mx1.freebsd.org (Postfix) with ESMTP id A73E68FC18 for ; Sat, 22 Oct 2011 17:11:36 +0000 (UTC) Received: from mail7.sea5.speakeasy.net (mail7.sea5.speakeasy.net [69.17.117.52]) by asbnvacz-mailrelay01.megapath.net (Postfix) with ESMTP id A0DDCA70304 for ; Sat, 22 Oct 2011 13:11:35 -0400 (EDT) Received: (qmail 22021 invoked from network); 22 Oct 2011 17:11:34 -0000 Received: by simscan 1.4.0 ppid: 7678, pid: 19980, t: 0.1553s scanners: clamav: 0.88.2/m:52/d:13513 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail7.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 22 Oct 2011 17:11:34 -0000 Received: from lowell-desk.lan (lowell-desk.lan [172.30.250.8]) by be-well.ilk.org (Postfix) with ESMTP id 165142E0D9; Sat, 22 Oct 2011 13:11:28 -0400 (EDT) Received: by lowell-desk.lan (Postfix, from userid 1147) id DBAA83983C; Sat, 22 Oct 2011 13:11:27 -0400 (EDT) From: Lowell Gilbert To: Polytropon References: <000001cc90c0$a0c16050$e24420f0$@org> <4EA2CE72.5030202@cran.org.uk> <20111022161242.11803f76.freebsd@edvax.de> Date: Sat, 22 Oct 2011 13:11:27 -0400 In-Reply-To: <20111022161242.11803f76.freebsd@edvax.de> (Polytropon's message of "Sat, 22 Oct 2011 16:12:42 +0200") Message-ID: <444nz17xz4.fsf@lowell-desk.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-questions@freebsd.org Subject: Re: Breakin attempt X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2011 17:11:36 -0000 Polytropon writes: > On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote: >> I suspect that these sorts of attacks are fairly normal if you're >> running ssh on the standard port. I used to have lots of 'break-in >> attempts' before I moved the ssh server to a different port. > > Is there _any_ reason why moving from port 22 to something > different is _not_ a solution? > > Reason why I'm asking: Moving SSH away from its default port > seems to be a relatively good solution as break-in attempts > concentrate on default ports. So in case a sysadmin decides > to move SSH to a "hidden" location, what could be an argument > against this decision? Connecting from behind other people's paranoid firewalls gets difficult on other ports.