[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How much difference does it make to run ssh on a different port number?

On 10/3/05, michael <linux@networkingnewsletter.org.uk> wrote:
On Mon, 2005-10-03 at 16:07 +0200, Tarapia Tapioco wrote:
> Occasionally people recommend running sshd on a different port number
> (not 22) to reduce the number of cracking attempts (dictionary
> attacks).
> Does this really make a big difference?
> Anyone have any statistics on it?

when i tried this the number of attacks went from several daily to zero.
unfort several remote computers i use seem to expect me to ssh out using
port 22 :(

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

I don't see many attempts to crack into my ssh server, but a lot on my web server. Bunch of idiots who know how to do port scanning, and have read something about IIS hacks, try to do it on every port 80 that is open. But since I changed my port to some arbitrary number, I didn't see any hits that I didn't anticipate.

Of course changing port number is not the ultimate defense, as any one who knows how to scan from  1 to 65K will eventually be able to find out your open ports.


Reply to: