Date: Tue, 23 Jun 2009 09:53:30 -0400 From: Daniel Underwood <djuatdelta@gmail.com> To: Erik Norgaard <norgaard@locolomo.org> Cc: freebsd-questions@freebsd.org Subject: Re: Best practices for securing SSH server Message-ID: <b6c05a470906230653i6ce647c1p415e769b63d9e169@mail.gmail.com> In-Reply-To: <4A406D81.3010803@locolomo.org> References: <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com> <4A406D81.3010803@locolomo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> I do not believe that tricks like running ssh on a > non standard port or using port-knocking provide > much extra security. I can understand that varying the port is not a very strong defensive measure, but I don't understand your point about port-knocking. If you configure a complex and seemingly random sequence of knocks before allowing an IP access to your ssh port, have you not significantly strengthened your ssh server?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b6c05a470906230653i6ce647c1p415e769b63d9e169>