The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Previous Message  |  Next Message 
 Security through obscurity.
Author: alive 
Date:   31-01-07 17:06

Putting sshd on a "higher port" is security through obscurity.

Brute-force bots try a limited set of usernames, and should therefore in practice not be feared by a sensible admin.

Through this, we can conclude that if someone actually, really, wanted to break in to *your* server, changing the port of your sshd is not going to hinder them one least bit. The first thing a hacker ever does to a server is to probe for open ports using nmap.

However, I do believe that only allowing ssh key logins is a good part of the solution: Passwords are insecure.

For everybody else, I would suggest to either disable password authentication on their sshd, or download DenyHosts (It's in the ports, and on denyhosts.sf.net)

 Reply To This Message  |  Forum List  |  Flat View   Newer Topic  |  Older Topic 

 Topics Author  Date
 Security through obscurity.   new
alive 31-01-07 17:06 
 Re: Security through obscurity.   new
Dan 31-01-07 17:25 
 Re: Security through obscurity.   new
alive 31-01-07 17:34 
 Re: Security through obscurity.   new
Dan 31-01-07 17:48 
 Re: Security through obscurity.   new
alive 12-10-07 05:33 
 Re: Security through obscurity.   new
Dan 12-10-07 09:17 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org