On Thu, Jan 01, 2004 at 06:06:34PM -0500, Johann Koenig wrote:
> On Thursday January 1 at 11:47pm
> Jan Minar <Jan.Minar@seznam.cz> wrote:
> > On Thu, Jan 01, 2004 at 09:42:09PM +0000, Adam Barton wrote:
> > > At least then a script kiddy won't simply find port 22 open and
> > > start to bruteforce your ssh password. He has to scan higher than
> > > normal to find your SSH, which he/she is less likely to do.
This is a ``security by obscurity''; a naive approach that works by
giving you a warm fuzzy feeling that you've done your homework, which
lessens your alertness, so you won't ever notice the intruders.
Plus, a quick nmap scan will discover the open ports pretty quickly.
| % nmap -p 22,10002,1022 mental-graffiti.com
| Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
| Warning: You are not root -- using TCP pingscan rather than ICMP
| Interesting ports on 24-161-30-224.hvc.rr.com (24.161.30.224):
| (The 2 ports scanned but not shown below are in state: closed)
| Port State Service
| 22/tcp open ssh
|
|
| Nmap run completed -- 1 IP address (1 host up) scanned in 6 seconds
| % nc mental-graffiti.com 22
| SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-10
BTW, no one is going to bruteforce your passwords; it just isn't worth it.
There are more elegant and less expensive methods.
Cheers,
Jan.
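The two points Jan makes above, that a scanner finds the moved port anyway and that the banner then tells the attacker exactly what is running, translate into two defender-side checks. The following is an added example, not code from anyone in this thread: it parses an SSH identification string into its RFC 4253 fields (using the banner from the nc output above) and audits an sshd_config for the "moved the port, changed nothing else" pattern. The two sample configurations and the fallback defaults table are constructed for the example; sshd's own built-in defaults have shifted across releases, so the table is an assumption, not a statement about any particular version.

```python
"""Defender-side checks for the port-moving debate: what the SSH banner
reveals regardless of port, and whether an sshd_config relies on the port
move instead of real hardening.  Added example; all sample data is
constructed."""
import re
from typing import Dict, List, Optional

# Banner as printed by the nc session in the thread.  RFC 4253 section 4.2
# defines the identification string as
#   SSH-protoversion-softwareversion SP comments CR LF
BANNER = "SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-10"


def parse_banner(line: str) -> Optional[Dict[str, str]]:
    """Split an SSH identification string into its RFC 4253 fields.
    Returns None when the line is not an SSH banner at all."""
    m = re.match(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$", line.rstrip("\r\n"))
    if not m:
        return None
    return {
        "protoversion": m.group(1),
        "softwareversion": m.group(2),
        "comments": m.group(3) or "",
    }


# Constructed sshd_config in the spirit of the approach debated above:
# the port is moved and nothing else is tightened.
OBSCURITY_ONLY_CONFIG = """
# moved off 22 so casual scans miss it
Port 10002
PermitRootLogin yes
PasswordAuthentication yes
"""

# Constructed configuration with the settings a defender actually wants.
HARDENED_CONFIG = """
Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
"""

# Values assumed when a keyword is absent from the file (an assumption made
# for this audit; real sshd defaults differ between releases).
DEFAULTS = {
    "port": "22",
    "permitrootlogin": "yes",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "maxauthtries": "6",
}


def parse_sshd_config(text: str) -> Dict[str, str]:
    """Return the effective keyword -> value map.  sshd keywords are
    case-insensitive and the first occurrence of a keyword wins, so later
    duplicates are ignored here as well.  Comments are stripped."""
    effective = dict(DEFAULTS)
    seen = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key not in seen:
            seen.add(key)
            effective[key] = value
    return effective


def audit_sshd(text: str) -> List[str]:
    """Return a list of findings; an empty list means nothing to flag."""
    cfg = parse_sshd_config(text)
    findings = []
    if cfg["port"] != "22" and cfg["passwordauthentication"] == "yes":
        findings.append("port moved but password logins still allowed: "
                        "a port scan plus the banner undoes the move")
    if cfg["passwordauthentication"] == "yes":
        findings.append("PasswordAuthentication yes: prefer key-only logins")
    if cfg["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin yes: disable direct root login")
    try:
        if int(cfg["maxauthtries"]) > 3:
            findings.append("MaxAuthTries %s: lower it" % cfg["maxauthtries"])
    except ValueError:
        findings.append("MaxAuthTries is not an integer: %r" % cfg["maxauthtries"])
    return findings


if __name__ == "__main__":
    print(parse_banner(BANNER))
    for name, text in (("obscurity-only", OBSCURITY_ONLY_CONFIG),
                       ("hardened", HARDENED_CONFIG)):
        print(name, audit_sshd(text) or ["ok"])
```

The audit deliberately treats "non-standard port plus passwords enabled" as its own finding: the port move is only worth anything as a noise reducer on top of key-only authentication, never in place of it.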