Re: openssh concerns

On Mon, 5 Oct 2009 12:03:44 -0600, Lyndon Nerenberg - VE6BBM/VE7TFX
<lyndon@xxxxxxxxxx> wrote:
Personally I tend to either firewall the OpenSSH daemon, or leave it
wide open. I don't really see the point in changing ports, as long as
they are still publicly available.

The ssh bots only seem to probe port 22. In well over a year of
running my ssh servers on a different (very low numbered) port I
haven't logged a single probe (across about a dozen highly visible


I personally don't use it (although I'm considering it), but you could
look into port knocking. Changing the port that SSHD binds to definitely
falls under that obscurity line since if somebody is targeting you, they
very well may run a SYN scan (Mmm nmap) and read the banners to quickly
find out what port you are running sshd on, then target bots accordingly.
Granted, if somebody is not specifically targeting you and is just scanning
ranges to find sshd on 22 they will pass you right up since that port will
be closed.

