On Sat, Oct 22, 2011 at 10:23:23AM -0500, Robert Bonomi wrote: > > Arguements aginst doing so are generally based on the "'security by > obscurity' is not security" concept. > > That argument _is_ 'technically accurate'. <grin> > > Moving sshd to a non-standard port does _not_ do anything to make the > system any more secure. > > Of course, as long as one understands that that _is_ the case, and > is doing it for 'some other' defensible reason -- such as to eliminate > logfile 'noise' from script-kiddie 'doorknob rattlers' -- doing so > *is* perfectly reasonable. > > *I* do it on _my_ machines, expressly for the reason stated in the prior > paragraph.
I should have finished reading the thread before sending my own reply on a different branch of the discussion. This is (stated differently) pretty much exactly the message I meant to convey. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
pgplvMknduAif.pgp
Description: PGP signature
