
Re: ssh to NATed box fails

Greg Norris wrote:

On Thu, Jan 01, 2004 at 11:47:36PM +0100, Jan Minar wrote:

At least then a script kiddy won't simply find port 22 open and
start to bruteforce your ssh password. He has to scan higher than
normal to find your SSH which he/she is less likely to do.

This is a ``security by obscurity''; a naive approach that works by
giving you a warm fuzzy feeling that you've done your homework, which
lessens your alertness, so you won't ever notice the intruders.

This isn't really useless... a certain amount of obscurity can be
beneficial.  The thing to remember is that it's only helpful up to a

For example, a couple of months ago I started running ssh on a
non-standard port (strictly for connectivity reasons).  Before the
change, I was getting several dozen scans and exploit attempts daily.
Afterward, 1-2 scans per day is the norm.

If someone decides to target my box specifically, there's little doubt
that ssh will be quickly discovered.  But in the meantime, moving it
has clearly cut out A LOT of script-kiddie activity.

This is exactly my point. Thanks for backing me up on this one ;)

/me tips hat

