On 2014-07-22 20:35, Oleg Goldshmidt wrote:
> I am not arguing for or against using a non-standard port. Just pointing out that "non-standard" and "non-privileged" are two different things.
Yep, but now you are back to scanning only 1024 ports instead of 65536; is there any gain?

On a PC/SOHO setup -- where most data is "held by the user anyway" -- user & root are "closer", so you probably gain security by a random high port. In a large network maybe not.
(setups in between have some hard thinking to do, and/or test with a honey-pot what is mostly scanned :-)

You can always port forward a high non-privileged port on a router to 22 on the server.

see: http://stackoverflow.com/questions/10182798/why-are-ports-below-1024-privileged/
_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il