Date: Mon, 8 Sep 2008 10:20:17 +0800 From: "joeb" <joeb@a1poweruser.com> To: <freebsd-questions@freebsd.org> Cc: FBSD1 <fbsd1@a1poweruser.com> Subject: RE: ssh Message-ID: <NBECLJEKGLBKHHFFANMBCEICCKAA.joeb@a1poweruser.com> In-Reply-To: <20080907204459.GB40687@shepherd>
next in thread | previous in thread | raw e-mail | index | archive | help
In FreeBSD 6.2 and older the port SSH listened on was controlled by /etc/services. Now in 7.0 SSH no longer looks at /etc/services to find out what port to listen on. Is this by design or error in the move to a newer release of SSH? When it comes to security through obscurity don't be so fast to shoot it down. On my system port 22 was receiving over 700 scans or login attempts a day. Changing the SSH to use xx22 port stopped all the high school and college script kiddies cold. Now I only get maybe 5 hits on my xx22 port every 3 months. In my book I would say 'security through obscurity' is a very simple first step solution that gives great results. But it will not stop the perpetrator who targets your IP addresses on purpose for some unknown reason. Then your SOL.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NBECLJEKGLBKHHFFANMBCEICCKAA.joeb>