On Thu, Jan 01, 2004 at 11:47:36PM +0100, Jan Minar wrote:
> > At least then a script kiddy won't simply find port 22 open and
> > start to bruteforce your ssh password. He has to scan higher than
> > normal to find your SSH which he/she is less likely to do.
>
> This is a ``security by obscurity''; a naive approach that works by
> giving you a warm fuzzy feeling that you've done your homework, which
> lessens your alertness, so you won't ever notice the intruders.

This isn't really useless... a certain amount of obscurity can be beneficial. The thing to remember is that it's only helpful up to a point.

For example, a couple of months ago I started running ssh on a non-standard port (strictly for connectivity reasons). Before the change, I was getting several dozen scans and exploit attempts daily. Afterward, 1-2 scans per day is the norm. If someone decides to target my box specifically, there's little doubt that ssh will be quickly discovered. But in the meantime, moving it has clearly cut out A LOT of script-kiddie activity.