[svlug] ssh attacks - ideas
fabriziobertocci at gmail.com
Fri Oct 22 15:05:47 PDT 2004
I agree with everybody: changing the port in theory won't make the
system more secure... it's easy to find it...
*BUT*, the fact is that I'm currently managing two servers: on the one
with ssh listening to port 22 I see a daily list of failed login
attempts... (some days even more than one hundred... )
For the other server (ssh listening on port 7789), since I moved sshd
to listen to port 7789, I've NEVER seen a login attempt.
Most likely hackers uses scripts to scan a range of IP for a daemon
responding on standard port 22... and don't bother too much for
scanning other ports...
The reason why I chose 7789? Because it's a number that's faster to
type (with or without numeric keypad) ;-)
On Fri, 22 Oct 2004 14:36:17 -0700, Rafael Skodlar <raffi at linwin.com> wrote:
> On Fri, Oct 22, 2004 at 02:18:47PM -0700, Anthony Ettinger wrote:
> > What difference does the port make? I don't see how
> Exactly. NMAP can tell you that some other port has ssh listening on it
> if somebody decides to scan you on all kinds of ports.
> > this has any baring on whehter or not your machine is
> > secure.
> If your level of paranoia is so high, then firewall ports so that
> connections are limited to certain sources. If that's not acceptable, I
> have my doubts in it's practicality, then use port knocking technique to
> open default ssh port only when needed.
> > --- Norman Shapiro <norm at dad.dad.org> wrote:
> > > "Edward M. Goldberg" <emg at EdwardMGoldberg.com>
> > > writes
> > >
> > > >Pick [the port that sshd will listen to] with care!
> > >
> > > Can you tell me what to be careful about? How do I
> > > pick the port? Is there
> > > some appropriate range?
> > >
> > > Thanks for being patient with my stupidity.
> > >
> > > Norman Shapiro
> > > 798 Barron Avenue
> > > Palo Alto CA 94306-3109
> > > (650) 565-8215
> > > norm at dad.org
> "There really can be no debate about it now: natural human ability to
> percieve number does not exceed four!"
> --- George Ifrah, The Universal History of Numbers.
> svlug mailing list
> svlug at lists.svlug.org
More information about the svlug