On 12/22/2017 07:38 AM, Aaron Zauner wrote:
On 22 Dec 2017, at 13:32, Sebastian <[email protected]> wrote:
On 12/22/2017 01:02 PM, Alice Wonder wrote:
On 12/22/2017 03:57 AM, Torge Riedel wrote:
Maybe there is one hint to offer in the guide: Change the port of sshd
to somewhat else than 22. I observed massive reduction of sshd attacks
on my servers after changing the port.
Indeed, that's fairly standard. Wasn't aware it wasn't in the guide.
Because it's not cryptography.
+1
This discussion regularly comes up in GitHub PRs as well *snip*
Yes, point conceded.
The port number has nothing to do with how secure the server is.
Changing the port number reduces the noise in the logs but as far as
security goes, it is neutral. Port 22 is just as safe if you take the
same measures you should always take regardless of the port.
So I would agree it doesn't belong in the doc.
_______________________________________________
Ach mailing list
[email protected]
https://lists.cert.at/cgi-bin/mailman/listinfo/ach
