Allegedly, on or about 08 July 2013, James Hogarth sent: > If you want SSH on a different port the better options are to pick a > port below 1024 (and add that port to the sshd_t context via semanage) > or to bind SSH to 22 and to use iptables to do a redirection > internally from the high level port you want to the 22 that it is > really listening on ... that way an unprivileged process/user cannot > impersonate your SSH daemon and externally it's still visible on > whichever port you prefer.
And I'd certainly avoid putting anything exploitable, ever, on port 23456. Maybe that was just a made up example by the original poster, but consecutive numbers like that, and other common number sequences, are just the sort of thing that wannabes hackers are going to type in to play with. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.8-100.fc17.x86_64 #1 SMP Thu Jun 27 19:19:57 UTC 2013 x86_64 All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I will only read messages posted to the public lists. George Orwell's '1984' was supposed to be a warning against tyranny, not a set of instructions for supposedly democratic governments. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
