Re: Need urgent help regarding security

ray_at_redshift.com
Date: 11/21/05

  • Next message: ray_at_redshift.com: "Re: Need urgent help regarding security" 
    Date: Mon, 21 Nov 2005 04:32:38 -0800
To: Peter Jeremy <PeterJeremy@optushome.com.au>, Marian Hettwer <MH@kernel32.de>

    At 07:52 PM 11/21/2005 +1100, Peter Jeremy wrote:
    | On Mon, 2005-Nov-21 09:33:07 +0100, Marian Hettwer wrote:
    | >ray@redshift.com wrote:
    | >>Also, if you have access to the router, it's handy to re-write
    | >>traffic from a higher public port down to port 22 on the server,
    | >>since that will trip up anyone doing scans looking for a connect on
    | >>port 22 across a large number of IP's.
    | >>
    | >No. That's security by obscurity and doesn't make your system even a wee
    | >bit more secure.
    |
    | It depends what you are guarding against. If someone wants to get into
    | _your_ system then it's worthless. OTOH, "you don't have to run faster
    | than the bear, just faster than someone else": Moving your ssh access
    | off port 22 means that someone doing a network scan of port 22 won't
    | see your system. This is reasonable protection against script kiddies.
    |
    | Definitely, don't rely on it as your only security. But, IMHO, it is
    | worth doing in addition to other security measures.
    | --
    | Peter Jeremy

    Thanks Peter. That was my thinking also. In other words, not as a replacement
    for anything else, but just in case someone out there was specifically scanning
    a lot of IP's on just port 22. Someone doing that sort of targeted scanning
    would make me nervous and I would want to do anything to avoid them. If someone
    was scanning "just for port 22 connects", my thinking was they probably had
    additional tools to go after any connects on those ports. Those aren't the sort
    of people I want to make scanning easy for :)

    Ray

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: ray_at_redshift.com: "Re: Need urgent help regarding security"

    Relevant Pages

    • [TOOL] WeBrute - Directory Brute Forcer
      ... Get your security news from a reliable source. ... # Scan 127.0.0.1 port 80, Use wordlist and admin as start path ... # Scan 127.0.0.1 port 80, Use wordlist, and traverse scanning and verbose ... sub catchInterrupt { ...
      (Securiteam)
    • Re: free tool to encrypt php?
      ... Security by obscurity is no security at all. ... AND obscure, so that scanning every passwrd in the dictionary doesn't result in a match. ... No different from scanning every port in a machine, or every machine on the internet. ...
      (comp.lang.php)
    • Re: Network abuse report
      ... that's why you should try to improve your security every ... And don't think they are specificly scanning your network ... Whether you like it or not, port scanning is not ilegal. ...
      (Security-Basics)
    • Re: linuxolator problem on amd64
      ... Peter Jeremy wrote: ... ATTENTION! ... The port is experimental for now. ... Use it at your own risk. ...
      (freebsd-hackers)
    • comp.security.unix and comp.security.misc frequently asked questions
      ... Can I turn off identd? ... to learn about computer security? ... Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. ... connecting from port 20546 on your machine to port 25 on 205.238.143.33. ...
      (comp.security.misc)