[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh to NATed box fails



On Thu, Jan 01, 2004 at 06:06:34PM -0500, Johann Koenig wrote:
> On Thursday January  1 at 11:47pm
> Jan Minar <Jan.Minar@seznam.cz> wrote:
> 
> > On Thu, Jan 01, 2004 at 09:42:09PM +0000, Adam Barton wrote:
> > > At least then a script kiddy won't simply find port 22 open and
> > > start to bruteforce your ssh password. He has to scan higher than
> > > normal to find your SSH which he/she is less likely to do.
> > 
> > This is a ``security by obscurity''; a naive approach that works by
> > giving you a warm fuzzy feeling that you've done your homework, which
> > lessens your alertness, so you won't ever notice the intruders.
> 
> Plus, a quick nmap scan will discover the open ports pretty quickly.

| % nmap -p 22,10002,1022 mental-graffiti.com 
| Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
| Warning:  You are not root -- using TCP pingscan rather than ICMP
| Interesting ports on 24-161-30-224.hvc.rr.com (24.161.30.224):
| (The 2 ports scanned but not shown below are in state: closed)
| Port       State       Service
| 22/tcp     open        ssh                     
| 
| 
| Nmap run completed -- 1 IP address (1 host up) scanned in 6 seconds
| % nc mental-graffiti.com 22
| SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-10

BTW, noone is going to bruteforce your passwords, it just isn't worth it.
There are more elegant and less expensive methods.

Cheers,
Jan.

-- 
Jan Minar                      "Please don't CC me, I'm subscribed." x 4

Attachment: pgplonD97fHXY.pgp
Description: PGP signature


Reply to: