
Re: How much difference does it make to run ssh on a different port number?



Chris Humphries wrote:
+------------------------------------------------------------------------------
| On (03/10/05 16:07), Tarapia Tapioco wrote:
|
| From: Tarapia Tapioco <comesefosse@ntani.firenze.linux.it>
| To: debian-user@lists.debian.org
| Subject: How much difference does it make to run ssh on a different port number?
| Date: Mon,  3 Oct 2005 16:07:45 +0200 (CEST)
|
| Occasionally people recommend running sshd on a different port number
| (not 22) to reduce the number of cracking attempts (dictionary
| attacks).
|
| Does this really make a big difference?
| Anyone have any statistics on it?
|
| Thanks.

Changing the port just stops attempts from being logged, in the way
you log them. Worms and virus-infected computers all over the world
will still try to connect to port 22/80/whatever and try whatever
they have been programmed to do. Though it is very annoying, there is
nothing you can do to stop it other than making your IP space
unroutable, yet that is kinda useless ;)

If it bothers you to see the logs, don't log it.
If you feel scared about your password, pick stronger passwords and you
can even use John the Ripper to test your passwords.
.gov "Green Book" on passwords is still relevant, and people should still
be using what it suggests, and with non-DES password storage anymore, the
passwords should be longer than 8 characters.

If you have ports open, unwelcome people are going to try to connect, and
try to run attacks, but most of those attacks are worms/trojans/viruses on
infected Windows machines and are well documented.

Just make sure your software is up to date and your passwords are good, and
you'll be fine. Again, if you don't like the logs, don't look or store it ;)

-Chris

Public/private keys also help. And, if you know you are always going to be logging in from a specific machine, you can lock ssh down to only let that machine/subdomain/subnet/whatever be able to log in.
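
An added example, not part of the original message: a small Python check that reads the global section of an `sshd_config` and reports whether the two measures mentioned above (key-only logins and a source-host restriction via `AllowUsers user@host`) are actually in effect. The sample configs, the user names `alice`/`bob` and the 192.0.2.x addresses are constructed; `Include` files and `Match` blocks are not evaluated.

```python
# Constructed sample: port moved, nothing else changed.
SAMPLE_WEAK = """\
Port 2222
PasswordAuthentication yes
"""

# Constructed sample: keys only, logins limited to one documentation subnet.
SAMPLE_HARDENED = """\
Port 22
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers alice@192.0.2.*
AllowUsers bob@192.0.2.10
# The next line has no effect: sshd keeps the first value of a keyword.
PasswordAuthentication yes
"""

# OpenSSH defaults for the keywords checked here.
DEFAULTS = {"passwordauthentication": "yes", "pubkeyauthentication": "yes"}


def parse_global(text):
    """Return (first-value-wins keyword dict, accumulated AllowUsers patterns)."""
    single, allow_users = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()  # "Key=value" is also accepted
        if not parts:
            continue
        key, args = parts[0].lower(), parts[1:]    # keywords are case-insensitive
        if key == "match":
            break                                  # stop at conditional blocks
        if key == "allowusers":
            allow_users.extend(args)               # repeated lines append
        else:
            single.setdefault(key, " ".join(args))
    return single, allow_users


def audit(text):
    """List the findings for one config; an empty list means both measures hold."""
    single, allow_users = parse_global(text)
    findings = []
    if single.get("passwordauthentication", DEFAULTS["passwordauthentication"]).lower() != "no":
        findings.append("password logins enabled")
    if single.get("pubkeyauthentication", DEFAULTS["pubkeyauthentication"]).lower() != "yes":
        findings.append("public-key logins disabled")
    if not allow_users:
        findings.append("no AllowUsers restriction")
    elif any("@" not in pattern for pattern in allow_users):
        findings.append("AllowUsers entry without host part")
    return findings
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative source; this check only reads the file text it is given.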


