Date: Tue, 4 Sep 2001 03:39:55 +0000 From: Kevin Way <kevin.way@overtone.org> To: Not Going to Tell You <luckywolf19@hotmail.com> Cc: freebsd-security@freebsd.org Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help. Message-ID: <20010904033955.A52291@bean.overtone.org> In-Reply-To: <F199ECBlGkVf370Skbs00003266@hotmail.com>; from luckywolf19@hotmail.com on Mon, Sep 03, 2001 at 02:14:28PM %2B0000 References: <F199ECBlGkVf370Skbs00003266@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--dDRMvlgZJXvWKvBx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > But by hidding the sshd port, maybe, just maybe, we can reduce the > number of script kiddies from trying sshd scripts. just a note that nobody has directly mentioned. You're also exposing yourself to additional risks. -Administrators could potentially be located behind unusual firewalls which could hinder the magic port sequence delivery. -Administrators could potentially be working over a network connection with high loss rates, making the magic port sequence delivery infeasible -Administrators could potentially be working over network connections with unpredictable latency, making the sequence arrive in the incorrect order -there could be an unforeseen failure mode of the software which causes the port to fail to open, despite proper network transmission of the correct code. I really don't care if you want to implement this idea or not, but I'd urge you to consider these risks before you move forward. Kevin Way --dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7lE0LKxA01iDoLN4RAj1oAJ96nCorQ4zLx03o5xb5yLfAlhKP1gCdF9Um T72KGthsufykFGjwjq5cZRI= =wSpV -----END PGP SIGNATURE----- --dDRMvlgZJXvWKvBx-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010904033955.A52291>