On Tue, Dec 18, 2007 at 05:44:11AM -0500, Gerard Seibert wrote:
> > On December 18, 2007 at 12:47AM sham khalil wrote:
> > 
> > once you open port 22 to public ip, you'll get people try to bruteforce your
> > machine.
> > if you don't want that set sshd to listen to a higher number like 5522
> > then forward port 5522 from the router to the internal machines.
> > 
> > unfortunately for wrt54g, you can't forward port 5522 to 22 for internal
> > machine.
> 
> Security through obscurity is a poor substitute for security. Port scanners
> will eventually find that port also.

One needs something else for security against brute-force attempts, but
changing the port number does help cut down on the amount of bandwidth
consumption on the LAN side of your router by allowing the router to
ignore/deny all incoming traffic on port 22.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Marvin Minsky: "It's just incredible that a trillion-synapse computer could
actually spend Saturday afternoon watching a football game."
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to