Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Micheas Herman (mmicheas.net)
Date: Mon Oct 05 2009 - 15:02:46 CDT
On Mon, 2009-10-05 at 12:46 -0600, Lyndon Nerenberg - VE6BBM/VE7TFX
> > Granted, if somebody is not specifically targeting you and is just scanning
> > ranges to find sshd on 22 they will pass you right up since that port will
> > be closed.
> The port change was intended only to avoid the port scanners.
And when you get notices in your logs, you can respond, as you
know you are being targeted and can take appropriate responses.
The biggest reason I can see for running ssh on an non-standard
port is increasing the signal to noise ratio in the logs.
If you can investigate every failed ssh login, you should be
safer than if you ignore 40,000 failed logins a day.
Just my experience, but of course being able to effortlessly
investigate 40,000 failed logins would probably be a better
> freebsd-securityfreebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
Things past redress and now with me past care.
-- William Shakespeare, "Richard II"
freebsd-securityfreebsd.org mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"