[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Need urgent help regarding security
- To: ray_(_at_)_redshift_(_dot_)_com
- Subject: Re: Need urgent help regarding security
- From: Marian Hettwer <MH_(_at_)_kernel32_(_dot_)_de>
- Date: Mon, 21 Nov 2005 14:16:45 +0100
- Cc: Peter Jeremy <PeterJeremy_(_at_)_optushome_(_dot_)_com_(_dot_)_au>, freebsd-security_(_at_)_freebsd_(_dot_)_org
Hej Ray,
ray_(_at_)_redshift_(_dot_)_com wrote:
The point isn't to get more secure. You are correct by saying that moving the
Hu. I thought the point was to get more security. If it's more about
"stealth", okay, move the daemon to another port :)
port # doesn't make anything more secure. But why make it easy for someone that
might be doing a scan to find your SSH prompt during a scan that may be focused
on ports 21, 22, 25, 80 and 110?
Of course it's a bit harder to find your sshd, if it's not running on
tcp/22. And maybe, an automated script won't find the sshd. A human
being will, indeed, find the sshd pretty quick. Take any port which
responds with an SYN-ACK to your SYN and of you go on that port with
telnet...
Along these same lines, we used to even re-compile sshd and remove the welcome
message/version number in the connect. I know there are two schools of thought
on broadcasting your version numbers on connections, but in the mid 90's, we did
do that from time to time.
And if you don't get the ssh banner, it might get harder now :-)
Anyway, to each their own :)
ack.
Marian
_______________________________________________
freebsd-security_(_at_)_freebsd_(_dot_)_org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe_(_at_)_freebsd_(_dot_)_org"
Visit your host, monkey.org