To answer your question directly a lot of the tools / scripts out there rely on
standard ports
simply because given a small period of time enough systems will be compromised to not
have to worry about the non-standard ones.
It depends on the attacker, if you are being specifically targetted then they will be
more
thorough of course and changing ports will not help you very much at all, I do not
promote
the reliance upon this, I am merely stating it helps reduce risk.
Adam
*********** REPLY SEPARATOR ***********
On 25/04/2001 at 18:13 Drage, Nicholas wrote:
>> -----Original Message-----
>> From: Adam Sculthorpe [mailto:[EMAIL PROTECTED]]
>> Sent: 25 April 2001 15:16
>
>> SSH1 logins can also be sniffed and cracked in a switched
>> environment,
>
>Can you expand on this a bit further if you have the time?
>
>> use SSH2 on a non-standard listening port
>
>Why a non-standard port, that won't make a great deal of difference will
>it?
>Anyone capable of successfully cracking a switched environment should be
>capable of dealing with a change in port numbers IMHO.
>
>( kept on the list due to SSH being important for Cobalt admin.... and a
>lot
>of people being in switched environments in co-lo facilities I bet )
>
>--
>Nick Drage - Security Architecture - Demon Internet - Thus PLC
>As of Wed 25/04/2001 at 16:00
>This computer has been up for 0 days, 22 hours, 28 minutes, 34 seconds.
>_______________________________________________
>cobalt-security mailing list
>[EMAIL PROTECTED]
>http://list.cobalt.com/mailman/listinfo/cobalt-security
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
