Re: Securing SSH wiki article outdated

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 02/13/2015 09:15 AM, Chris Adams wrote:
Yeah, the old "move stuff to alternate ports" thing is largely a waste of time and just makes it more difficult for legitimate use. With large bot networks and tools like zmap, finding services on alternate ports is not that hard for the "bad guys".

Having SSH on 22 is lower-hanging fruit than having SSH on a different port. Sure, an NBA all-star will be able to reach the apples at the top of the tree easily, but most people are not NBA all-stars. Most port-scanners do not scan all possible ports.

And I am fully aware that people in the 'it's a waste of time' camp are unmoved by that. It's not worth arguing about; those who move to non-standard ports are going to want to do it anyway.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux