
Re: ssh to NATed box fails



On Thu, Jan 01, 2004 at 11:47:36PM +0100, Jan Minar wrote:
> > At least then a script kiddy won't simply find port 22 open and
> > start to bruteforce your ssh password. He has to scan higher than
> > normal to find your SSH which he/she is less likely to do.
> 
> This is a ``security by obscurity''; a naive approach that works by
> giving you a warm fuzzy feeling that you've done your homework, which
> lessens your alertness, so you won't ever notice the intruders.

This isn't really useless... a certain amount of obscurity can be
beneficial.  The thing to remember is that it's only helpful up to a
point.

For example, a couple of months ago I started running ssh on a
non-standard port (strictly for connectivity reasons).  Before the
change, I was getting several dozen scans and exploit attempts daily. 
Afterward, 1-2 scans per day is the norm.

If someone decides to target my box specifically, there's little doubt
that ssh will be quickly discovered.  But in the meantime, moving it
has clearly cut out A LOT of script-kiddie activity.

Attachment: signature.asc
Description: Digital signature

