Nathan Eisenberg wrote: > I do feel that changing the port may not truly constitute an increase in > security. It makes you less visible, perhaps. But this particular firewall > is already subjected to port scans across the entire range, including > highports (it has some very high traffic web sites behind it), so the > alternate port would be detected relatively quickly anyways. > > Thank You, > Nathan Eisenberg > Sr. Systems Administrator > Atlas Networks, LLC > > Agreed, but I have been using an alternate port for ssh for several years. You DO avoid the script kiddies hammering on the standard SSH port. I do NOT see any password scans against my SSH servers(and I have several in several sites) once I change the port number on sshd.
I do NOT presume that changing the ssh port number allows me to avoid all the other security measures you need to take. I am just saying it really does save your syslog and if you have an agressive approach to reviewing logs, it saves huge amounts of time reveiwing the efforts of the script kiddies. Lyle Giese LCR Computer Services, Inc. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
