+------------------------------------------------------------------------------ | On (03/10/05 16:07), Tarapia Tapioco wrote: | | From: Tarapia Tapioco <[EMAIL PROTECTED]> | To: debian-user@lists.debian.org | Subject: How much difference does it make to run ssh on a different port number? | Date: Mon, 3 Oct 2005 16:07:45 +0200 (CEST) | | Occasionally people recommend running sshd on a different port number | (not 22) to reduce the number of cracking attempts (dictionary | attacks). | | Does this really make a big difference? | Anyone have any statistics on it? | | Thanks.
Changing the port just stops attempts from being logged, in the way you log them. Worms and virus infected computers all over the world will still try to connect to port 22/80/whatever and try whatever they have programmed to do. Though it is very annoying, there is nothing you can do to stop it other than making your ip space unroutable, yet that is kinda useless ;) If it bothers you to see the logs, don't log it. If you feel scared about your password, pick stronger passwords and you can even use john the ripper to test your passwords. .gov "Green Book" on passwords is still relevant, and people should still be using what it suggests, and with non-DES password storage anymore, the passwords should be longer than 8 characters. If you have ports open, unwelcome people are going to try to connect, and try to run attacks, but most of those attacks are worms/trojans/viruses on infected windows machines and are well documented. Just make sure your software is up to date and your passwords are good, and you'll be fine. Again, if you don't like the logs, don't look or store it ;) -Chris | | | -- | To UNSUBSCRIBE, email to [EMAIL PROTECTED] | with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
