Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 22 Oct 2011 21:18:26 +0200
From:      =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: Breakin attempt
Message-ID:  <4EA31702.7080406@locolomo.org>
In-Reply-To: <20111022161242.11803f76.freebsd@edvax.de>
References:  <000001cc90c0$a0c16050$e24420f0$@org> <4EA2CE72.5030202@cran.org.uk> <20111022161242.11803f76.freebsd@edvax.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On 22/10/2011 16:12, Polytropon wrote:
> Is there _any_ reason why moving from port 22 to something
> different is _not_ a solution?
Yes
> Reason why I'm asking: Moving SSH away from its default port
> seems to be a relatively good solution as break-in attempts
> concentrate on default ports. So in case a sysadmin decides
> to move SSH to a "hidden" location, what could be an argument
> against this decision?
Moving to a non standard port does not provide you any additional real 
security. The random scannings and occasional attacks will disappear 
from your logs but these are not interesting, they fail because you 
already hardened your server. Those who are determined to break into 
your server will also find your ssh running on a non-standard port.

On the other hand, those legitimate users who rely on ssh to connect 
remotely to their account may not be able to because the firewall on the 
network only allows access to standard ports for whatever reason, and 
running ssh on port, say, 24 is a non-standard port. It is actually 
common to block access to most ports and allow access only through a 
proxy, and then open for those particular services that will not run 
through a proxy. Hence, if you want to be sure to be able to connect 
remotely, your best bet is to run your services on standard ports.

In summary, nothing is won moving ssh to a nonstandard port except for 
potential problems.

BR, Erik





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EA31702.7080406>