On Wed, Feb 20, 2002 at 10:56:30AM +1100, Silcock, Stephen wrote:
> Another thing I always like to do is change the port services run on to
> something high and unused. http, ssh, telnet - they can all be run on any
> port you like really and changing them to something obscure avoids normal
> bulk scanners and worms...

Security by obscurity doesn't work:

[johnc@dropbear ~]$ telnet localhost 22
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
SSH-1.99-OpenSSH_2.9p2

It's very helpful too: it even tells you its version number. Move it
elsewhere and it still advertises itself with the network equivalent of
the huge Coke sign at Kings Cross.

Sure, it stops the bulk of the script-kiddies, but so what? A good
firewall and up-to-date security patches are far more important and
will do a much better job of keeping them out.

Cheers,
John
--
whois [EMAIL PROTECTED]
GPG key id: 0xD59C360F
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
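
The greeting in the telnet session above is the SSH identification line, which has the same fixed layout whatever port the daemon listens on. As an added example (not part of the original post), here is a Python parser for that line, following the RFC 4253 format, for auditing what your own servers announce. The function names and the second sample banner are constructed for illustration.

```python
import re
import socket

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
_IDENT = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)


def parse_ident(line):
    """Parse one SSH identification line; return a dict, or None if it is not one."""
    line = line.rstrip("\r\n")
    if len(line) > 253:  # the RFC allows 255 bytes including CR LF
        return None
    m = _IDENT.match(line)
    if m is None:
        return None
    info = m.groupdict()
    # RFC 4253 section 5.1: "1.99" means SSH-2 with SSH-1 compatibility;
    # any other 1.x value is an SSH-1 only server.
    info["accepts_ssh1"] = info["proto"].startswith("1.")
    return info


def read_ident(host, port, timeout=3.0):
    """Read the greeting of a service you administer, on any port, and parse it."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with sock.makefile("rb") as stream:
            # A server may send other text lines before its identification line.
            for _ in range(10):
                raw = stream.readline(256)
                if not raw:
                    break
                info = parse_ident(raw.decode("ascii", "replace"))
                if info:
                    return info
    return None


if __name__ == "__main__":
    samples = [
        "SSH-1.99-OpenSSH_2.9p2\r\n",                  # banner from the post above
        "SSH-2.0-ExampleSSHD_1.0 constructed note\n",  # constructed sample
        "220 mail.example.test ESMTP\r\n",             # constructed non-SSH greeting
    ]
    for sample in samples:
        print(repr(sample), "->", parse_ident(sample))
```

Calling read_ident("127.0.0.1", port) against your own daemon returns the same fields regardless of the port it was moved to.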