On 12/22/2017 05:47 AM, Sam Bull wrote:
> On Fri, 2017-12-22 at 13:32 +0100, Sebastian wrote:
>> On 12/22/2017 01:02 PM, Alice Wonder wrote:
>>> On 12/22/2017 03:57 AM, Torge Riedel wrote:
>>>> Maybe there is one hint to offer in the guide: Change the port of sshd
>>>> to something other than 22. I observed massive reduction of sshd attacks
>>>> on my servers after changing the port.
>>> Indeed, that's fairly standard. Wasn't aware it wasn't in the guide.
>> Because it's not cryptography.
>
> I was also under the impression that these reserved ports were better protected
> by the OS, changing to a non-standard port could actually result in reducing
> security.
>
> A very quick Google seems to agree with what I remember, e.g.
> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/
>
> Leaving it on the default port ensures the OS will be doing everything it can to
> protect it. Changing it might reduce the number of random brute force attempts
> (but these are not going to succeed if you've secured your system anyway), but
> might make your server more vulnerable to an actual targeted attack (which is
> significantly more likely to succeed).


Only thing OS does to protect it is run it on a port below 1024.

In the event the sshd daemon crashed and a user on the system started a fake service, the fingerprint wouldn't match and users/apps trying to connect would be alerted.
_______________________________________________
Ach mailing list
[email protected]
https://lists.cert.at/cgi-bin/mailman/listinfo/ach
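
The host key fingerprint check mentioned in the last reply, as an added example that is not part of the original thread: it computes OpenSSH-style SHA256 fingerprints and compares a pinned host key with the key a listener presents, for both port 22 and a non-default port. The host name `server.example`, port 2222, the helper names and both keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def ssh_string(data: bytes) -> bytes:
    """SSH wire encoding: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def make_ed25519_line(raw32: bytes) -> str:
    """Constructed sample key line (arbitrary 32 bytes, not a real host key)."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

def fingerprint(key_line: str) -> str:
    """SHA256 fingerprint of a 'type base64 [comment]' public key line."""
    key_type, b64 = key_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    if blob[4:4 + len(key_type)] != key_type.encode():
        raise ValueError("key type does not match encoded blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest as unpadded base64
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def known_hosts_name(host: str, port: int) -> str:
    """OpenSSH stores non-default ports as [host]:port, port 22 as bare host."""
    return host if port == 22 else f"[{host}]:{port}"

def check_host(pinned: dict, host: str, port: int, presented: str) -> str:
    """Return 'ok', 'mismatch' or 'unknown' for the key a listener presents."""
    expected = pinned.get(known_hosts_name(host, port))
    if expected is None:
        return "unknown"
    same = hmac.compare_digest(fingerprint(expected), fingerprint(presented))
    return "ok" if same else "mismatch"

REAL_KEY = make_ed25519_line(bytes(range(32)))       # constructed sample
FAKE_KEY = make_ed25519_line(bytes(range(32, 64)))   # constructed sample
# Pins as a client would hold them after first connecting on each port.
PINNED = {"server.example": REAL_KEY, "[server.example]:2222": REAL_KEY}

if __name__ == "__main__":
    for port, key in [(22, REAL_KEY), (2222, REAL_KEY), (2222, FAKE_KEY)]:
        result = check_host(PINNED, "server.example", port, key)
        print(port, fingerprint(key), result)
```

A listener that does not hold the server's private host key cannot present the pinned key, so the comparison returns `mismatch` whichever port it is bound to.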