From owner-freebsd-questions@FreeBSD.ORG Sun Oct 23 12:09:39 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D3DC106566C for ; Sun, 23 Oct 2011 12:09:39 +0000 (UTC) (envelope-from btillman99@yahoo.com) Received: from nm29-vm0.bullet.mail.sp2.yahoo.com (nm29-vm0.bullet.mail.sp2.yahoo.com [98.139.91.236]) by mx1.freebsd.org (Postfix) with SMTP id 1EE928FC0A for ; Sun, 23 Oct 2011 12:09:39 +0000 (UTC) Received: from [98.139.91.70] by nm29.bullet.mail.sp2.yahoo.com with NNFMP; 23 Oct 2011 11:57:06 -0000 Received: from [98.139.91.21] by tm10.bullet.mail.sp2.yahoo.com with NNFMP; 23 Oct 2011 11:56:06 -0000 Received: from [127.0.0.1] by omp1021.mail.sp2.yahoo.com with NNFMP; 23 Oct 2011 11:56:06 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 293549.39786.bm@omp1021.mail.sp2.yahoo.com Received: (qmail 78651 invoked by uid 60001); 23 Oct 2011 11:56:05 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1319370965; bh=7Ya2BKc0+AbAJqVtXSg2SMjUhO0nsAfEh68xiz6gX48=; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=nODo00/fbL3zt6D2FFzns+Xy1EUvkETNBeX7nrjkWNNoJfp9ppBPcjFgJJszIADgg2rMXRUR6hyqvtV/wnl9iKlFy9C8cPm0DseFtqSuQOTaFa29MaQ04wAye/l2IDgOOyLLej7cvPH7ANlQblEinZz5GXcUGgCJb0VG+Ou6ZpM= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=lqLgn/QOdrU2DBnNO5ITffPa3IU1PZ4O7XIH2n1/wngj508KFocDAMryQ6Jy/FtV208/+IapT6unN2MXVxALL06dQ2IpHx0eRyy4n4NFN3ESwhr+Aa+lCHGEED9PT4j9llIF2QQPKRDlZeklaArNRj4D1/d+GhSkQZY1gVwFNR0=; X-YMail-OSG: pEcWzIsVM1kRulNReEZOLtNwpqvH4R449C4SceE6EARVUul z2cE7sEz9KB36hnRBRcGljYPFBU4DCqVXMAHd2rUKUOICLCidY8t0N2nPIBP R8IKT47eJssU5.3LLePRC_2BmKTonUvcB1E7A9ykmO8Ljm0mwF2hjaZo7cB7 J1U_UX81nBmNN_Acj9RisxecIvsgkpO7z92.GFURzpg.xuO1Hatg6c.54ui0 _F37kzA0LyGGAKV.OLZaui21I9CAZmlXEV2L3NzDnGbGa5MgWhN_JCTGdzNP v7Vmc9FxxNjgQhS8o6yWTqwU7hz9GrKoiPLoeQ5TtU9Q49qmbBoOpwuHPSLn uejUtc3SPnslfKPAKh.zkTeh4CtaMQePFYudkMbDVNtGOrUP7Pnde9pynV4q ngmZy.oSKHwSA40BWCg7D.H7_gVfrCSasKyRDAVTE2XBQUYBDq9zMQu_FmEr D0SlMufI- Received: from [98.203.44.66] by web36501.mail.mud.yahoo.com via HTTP; Sun, 23 Oct 2011 04:56:05 PDT X-Mailer: YahooMailWebService/0.8.114.317681 References: <000001cc90c0$a0c16050$e24420f0$@org> <4EA2CE72.5030202@cran.org.uk> <20111022161242.11803f76.freebsd@edvax.de> <85D6B8A7-9AF6-4188-BC58-F8CBF5ED9E91@cran.org.uk> Message-ID: <1319370965.37165.YahooMailNeo@web36501.mail.mud.yahoo.com> Date: Sun, 23 Oct 2011 04:56:05 -0700 (PDT) From: Bill Tillman To: Bruce Cran , Polytropon In-Reply-To: <85D6B8A7-9AF6-4188-BC58-F8CBF5ED9E91@cran.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: "freebsd-questions@freebsd.org" Subject: Re: Breakin attempt X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Bill Tillman List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Oct 2011 12:09:39 -0000 ________________________________ From: Bruce Cran To: Polytropon Cc: freebsd-questions@freebsd.org Sent: Saturday, October 22, 2011 10:37 AM Subject: Re: Breakin attempt On 22 Oct 2011, at 15:12, Polytropon wrote: > On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote: >> I suspect that these sorts of attacks are fairly normal if you're >> running ssh on the standard port. I used to have lots of 'break-in >> attempts' before I moved the ssh server to a different port. > > Is there _any_ reason why moving from port 22 to something > different is _not_ a solution? If you run some sort of shell server, or where many people need to login using ssh, you'll have a bit of a support problem telling people to select the non-default port. Also, some might consider it security through obscurity, which is often said to be a bad thing. -- Bruce Cran _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" I agree. I run ssh on a different port and still some hackers, usually from the Far East still detect it and try to gain access. It happens all the time. Remember there is a big difference between a break-in and an attempted break-in. It is a sad state of affairs that so much effort and energy and high IQ thinking is spent on security these days. If we could just channel all that energy into something more useful. The point about giving so many others ssh logins is something I cringe on as well. I realize it's useful and needed, but there is a real myth out there that hackers are overwhelmingly intelligent and must be highly skilled to hack into someone's system. I think if you were to examine the real numbers you'd find the vast majority of break ins come from someone who either has a login username and password, bought or stole a username and password or overheard someone talking about their username and password. There are of course exceptions but the media and hype about all these intelligent hackers is just overblown. Loose lips sink ships. And as soon as more than one person knows a secret...it's no longer a secret.