On Feb 27, 2011 3:23 AM, "Andrei Popescu" <andreimpopescu@gmail.com> wrote:
>
> On Sb, 26 feb 11, 18:11:08, Slicky Johnson wrote:
> >
> > The reason to move away from 22 is to give yourself an added buffer of
> > security for port sweeps by the script kiddies.
>
> IMVHO, I disagree. Moving a service away from it's default port does not
> bring additional security, just less noise in the logs.
>
It would do little for security. A mere stumbling block since nmap can get the actual service type. Put it above 1024 and it might stop script kiddies but anyone wanting to know what's up will know.
The other point is, run snort and do some research before you blame 'script kiddies'. In my experience, most of the random port scans come from government, universities, and (possibly) private statistics firms. I say possibly because I couldn't be 100% sure about a few.