Moving to non-standard ports reduces a high percentage of your risk, not all of it.
When you consider the
significant volume of attacks are carried out by automated scripts then it makes sense
to change port
numbers doesn't it? I think so!
Adam
*********** REPLY SEPARATOR ***********
On 25/04/2001 at 18:13 Drage, Nicholas wrote:
>> -----Original Message-----
>> From: Adam Sculthorpe [mailto:[EMAIL PROTECTED]]
>> Sent: 25 April 2001 15:16
>
>> SSH1 logins can also be sniffed and cracked in a switched
>> environment,
>
>Can you expand on this a bit further if you have the time?
>
>> use SSH2 on a non-standard listening port
>
>Why a non-standard port, that won't make a great deal of difference will
>it?
>Anyone capable of successfully cracking a switched environment should be
>capable of dealing with a change in port numbers IMHO.
>
>( kept on the list due to SSH being important for Cobalt admin.... and a
>lot
>of people being in switched environments in co-lo facilities I bet )
>
>--
>Nick Drage - Security Architecture - Demon Internet - Thus PLC
>As of Wed 25/04/2001 at 16:00
>This computer has been up for 0 days, 22 hours, 28 minutes, 34 seconds.
>_______________________________________________
>cobalt-security mailing list
>[EMAIL PROTECTED]
>http://list.cobalt.com/mailman/listinfo/cobalt-security
r
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
