From: Micheas Herman (mmicheas.net)
Date: Mon Oct 05 2009 - 15:02:46 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2009-10-05 at 12:46 -0600, Lyndon Nerenberg - VE6BBM/VE7TFX
wrote:
> > Granted, if somebody is not specifically targeting you and is just scanning
> > ranges to find sshd on 22 they will pass you right up since that port will
> > be closed.
>
> The port change was intended only to avoid the port scanners.

        And when you get notices in your logs, you can respond, as you
        know you are being targeted and can take appropriate responses.
        
        The biggest reason I can see for running ssh on an non-standard
        port is increasing the signal to noise ratio in the logs.
        
        If you can investigate every failed ssh login, you should be
        safer than if you ignore 40,000 failed logins a day.
        
        Just my experience, but of course being able to effortlessly
        investigate 40,000 failed logins would probably be a better
        situation.
        
        
>
> _______________________________________________
> freebsd-securityfreebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"

--
Things past redress and now with me past care.
                -- William Shakespeare, "Richard II"

_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]