On Fri, 2004-12-17 at 15:51, Peter GILMAN wrote:
> Ed White <[EMAIL PROTECTED]> wrote:
>
> | On Friday 17 December 2004 15:45, Roy Morris wrote:
> | > change your ssh port to like 30222 or something ..
> |
> | That's dumb.
>
> why?
>
>
> Choose a port < 1024.
>
> why?
not trying to speak for ed, but IMHO...it's dumb because any yahoo with
a local account on a machine can create a listening socket on a port >=
1024.
running a daemon on a port < 1024 requires privilege (thus the
name)...sshd deserves the VIP treatment. if it doesn't conflict with an
ssl httpd...443 is an awfully remote-side-firewall-friendly choice for
an alternate sshd port...
-j
--
"I hope I didn't brain my damage."
--The Simpsons
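
The point in the reply above can be checked against a real configuration. The following is an added example, not part of the original thread: it reads the global section of an sshd_config and reports every listening port at or above the 1024 boundary named in the post. The sample config is constructed, and the helper names are hypothetical.

```python
import re

PRIVILEGED_BELOW = 1024  # boundary named in the post; assumed to apply on the host

# Constructed sample config, not taken from the thread.
SAMPLE_CONFIG = """\
# sshd_config (constructed sample)
Port 30222
port=443
ListenAddress 0.0.0.0
ListenAddress [::1]:2222
ListenAddress 192.0.2.10:22
Match User backup
    X11Forwarding no
"""

def _explicit_port(address):
    """Return the port written in a ListenAddress value, or None if it has none."""
    m = re.fullmatch(r"\[[^\]]+\]:(\d+)", address)   # [IPv6]:port
    if m:
        return int(m.group(1))
    if address.count(":") == 1:                      # host:port or IPv4:port
        port = address.split(":")[1]
        return int(port) if port.isdigit() else None
    return None                                      # bare host or bare IPv6

def sshd_listen_ports(config_text):
    """Ports sshd listens on, following Port/ListenAddress rules (default 22)."""
    ports, listen = [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keywords are case-insensitive; value follows whitespace or one '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) < 2 or not parts[1].strip():
            continue
        key, value = parts[0].lower(), parts[1].split()[0]
        if key == "match":
            break  # Port and ListenAddress are only valid before any Match block
        if key == "port" and value.isdigit():
            ports.append(int(value))
        elif key == "listenaddress":
            listen.append(_explicit_port(value))
    ports = ports or [22]
    if not listen:
        return sorted(set(ports))
    # A ListenAddress without a port listens on every Port value.
    return sorted({q for p in listen for q in (ports if p is None else [p])})

def unprivileged_ports(config_text, boundary=PRIVILEGED_BELOW):
    """Listening ports that a process without privilege could also bind."""
    return [p for p in sshd_listen_ports(config_text) if p >= boundary]
```

For the constructed sample, `unprivileged_ports(SAMPLE_CONFIG)` flags 2222 and 30222, while 22 and 443 stay below the boundary.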