Re: Need urgent help regarding security

• Previous message: Marian Hettwer: "Re: Need urgent help regarding security"
• In reply to: Marian Hettwer: "Re: Need urgent help regarding security"
• Next in thread: Marian Hettwer: "Re: Need urgent help regarding security"
• Reply: Marian Hettwer: "Re: Need urgent help regarding security"
• Reply: ray_at_redshift.com: "Re: Need urgent help regarding security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 21 Nov 2005 19:52:21 +1100
To: Marian Hettwer <MH@kernel32.de>

On Mon, 2005-Nov-21 09:33:07 +0100, Marian Hettwer wrote:
>ray@redshift.com wrote:
>>Also, if you have access to the router, it's handy to re-write
>>traffic from a higher public port down to port 22 on the server,
>>since that will trip up anyone doing scans looking for a connect on
>>port 22 across a large number of IP's.
>>
>No. That's security by obscurity and doesn't make your system even a wee
>bit more secure.

It depends what you are guarding against. If someone wants to get into
_your_ system then it's worthless. OTOH, "you don't have to run faster
than the bear, just faster than someone else": Moving your ssh access
off port 22 means that someone doing a network scan of port 22 won't
see your system. This is reasonable protection against script kiddies.

Definitely, don't rely on it as your only security. But, IMHO, it is
worth doing in addition to other security measures.

-- 
Peter Jeremy
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Marian Hettwer: "Re: Need urgent help regarding security"
• In reply to: Marian Hettwer: "Re: Need urgent help regarding security"
• Next in thread: Marian Hettwer: "Re: Need urgent help regarding security"
• Reply: Marian Hettwer: "Re: Need urgent help regarding security"
• Reply: ray_at_redshift.com: "Re: Need urgent help regarding security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages comp.security.unix and comp.security.misc frequently asked questions ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ... (comp.security.misc) comp.security.unix and comp.security.misc frequently asked questions ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ... (comp.security.misc) comp.security.unix and comp.security.misc frequently asked questions ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ... (comp.security.misc) comp.security.unix and comp.security.misc frequently asked questions ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ... (comp.security.misc) comp.security.unix and comp.security.misc frequently asked questions ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ... (comp.security.misc)