On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schr??der wrote: > 2014-10-16 13:16 GMT+02:00 Kevin Chadwick <ma1l1i...@yahoo.co.uk>: > > I still don't see the benefit though but do see added complexity or > > more code to audit. > > > > Reducing DDOS against a visible SSH service maybe? Reduce password > > attempts on your logs allowing them to go after targets that might > > actually use passwords (port change also works there, I find)? > > The impossibility to scan for services - which the NSA/GHCQ/... do.
It's a good thing that traffic analysis isn't a thing, then. Otherwise they'd be able to check if traffic purporting to go to port 80/443 doesn't look like HTTP traffic, or something.
