On Tue, Dec 18, 2007 at 05:44:11AM -0500, Gerard Seibert wrote:
>
> On December 18, 2007 at 12:47AM sham khalil wrote:
>
> > Once you open port 22 to a public IP, you'll get people trying to brute-force your
> > machine.
> > If you don't want that, set sshd to listen to a higher number like 5522,
> > then forward port 5522 from the router to the internal machines.
> >
> > Unfortunately, for the WRT54G, you can't forward port 5522 to 22 for an internal
> > machine.
>
> Security through obscurity is a poor substitute for security. Port scanners
> will eventually find that port also.

One needs something else for security against brute-force attempts, but
changing the port number does help cut down on the amount of bandwidth
consumption on the LAN side of your router by allowing the router to
ignore/deny all incoming traffic on port 22.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Marvin Minsky: "It's just incredible that a trillion-synapse computer could
actually spend Saturday afternoon watching a football game."
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
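
Added example, not part of the original thread: one form the "something else" against brute-force attempts can take is counting failed logins per source address in the sshd log, which works the same whether sshd listens on 22 or 5522. The log lines are constructed samples in the usual OpenSSH syslog format; the function name, threshold, window and year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
Dec 18 05:40:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Dec 18 05:40:03 host sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40118 ssh2
Dec 18 05:40:06 host sshd[815]: Failed password for invalid user test from 203.0.113.7 port 40125 ssh2
Dec 18 05:41:10 host sshd[820]: Failed password for alice from 198.51.100.4 port 52210 ssh2
Dec 18 05:41:30 host sshd[821]: Accepted publickey for alice from 198.51.100.4 port 52214 ssh2
Dec 18 05:55:00 host sshd[830]: Failed password for root from 192.0.2.9 port 33001 ssh2
Dec 18 06:20:00 host sshd[840]: Failed password for root from 192.0.2.9 port 33050 ssh2
Dec 18 06:45:00 host sshd[850]: Failed password for root from 192.0.2.9 port 33099 ssh2
"""

# Timestamp and source address of a failed password attempt. The "port" in
# the log line is the client's source port, not the port sshd listens on.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+"
)

def brute_force_sources(log_text, threshold=3, window=timedelta(minutes=5), year=2007):
    """Return sorted source addresses with >= threshold failures inside window."""
    recent = defaultdict(deque)   # address -> timestamps still inside the window
    flagged = set()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines
        # Syslog timestamps carry no year, so one is supplied (assumption).
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        attempts = recent[m.group(2)]
        attempts.append(when)
        while when - attempts[0] > window:
            attempts.popleft()    # forget failures older than the window
        if len(attempts) >= threshold:
            flagged.add(m.group(2))
    return sorted(flagged)

if __name__ == "__main__":
    # Only the rapid burst is flagged; one typo and three slow tries are not.
    print(brute_force_sources(SAMPLE_LOG))
```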