[Box-Admins] Change ssh port?
Levente Uzonyi
leves at elte.hu
Thu Feb 20 17:33:19 UTC 2014
On Thu, 20 Feb 2014, Ken Causey wrote:
> What does the group think of changing the port that sshd listens on for
> connections? Yes, I know this is a sort of security by obscurity and is
> entirely pointless if you are being targeted. But we aren't being targeted
> yet the net is just full of drive-by connection attempts these days.
>
> On a server I administer for a customer I used to get log reports of hundreds
> and even thousands of the attempted ssh connections each and every day. I
> got tired of the noise and moved sshd to another port. It has been years now
> and there has not been a single ssh connection attempt from anyone other than
> me since I made the change.
>
> Now I'm not saying this is any serious problem. And I don't get these sorts
> of log reports on the Squeak servers currently, so this is not addressing any
> noise I'm dealing with. But I'm sure all of the Squeak servers are being hit
> with connection attempts constantly, probably more than the other server I
> deal with since it is in no way public. At some point there is a tiny
> possibility that one of the connection attempts will properly guess both a
> username and a password (and shame on that person for using such a simple
> password if it happens :) ), sort of the million monkey theory.
>
> Anyway this is something I've considered but of course it would affect
> everyone who sshs to the servers and so I can't just make such a change
> unilaterally.
>
> If you are in favor of this change suggest a number that might be relevant to
> Squeakers and easy to remember, preferably <= 1024, if you can think of one.
What's the point of using a low port number? We always use a random high
port for non-public services.
Levente
>
> Ken
>
More information about the Box-Admins
mailing list