On Fri, 2004-12-17 at 15:51, Peter GILMAN wrote: > Ed White <[EMAIL PROTECTED]> wrote: > > | On Friday 17 December 2004 15:45, Roy Morris wrote: > | > change your ssh port to like 30222 or something .. > | > | That's dumb. > > why? > > > Choose a port < 1024. > > why?
not trying to speak for ed, but IMHO...it's dumb because any yahoo with a local account on a machine can create a listening socket on a port >= 1024. running a daemon on a port < 1024 requires privilege (thus the name)...sshd deserves the VIP treatment. if it doesn't conflict with an ssl httpd...443 is an awfully remote-side-firewall-friendly choice for an alternate sshd port... -j -- "I hope I didn't brain my damage." --The Simpsons