Re: Breakin attempt

[Bill Tillman]

________________________________
From: Bruce Cran <br...@cran.org.uk>
To: Polytropon <free...@edvax.de>
Cc: freebsd-questions@freebsd.org
Sent: Saturday, October 22, 2011 10:37 AM
Subject: Re: Breakin attempt


On 22 Oct 2011, at 15:12, Polytropon wrote:

> On Sat, 22 Oct 2011 15:08:50 +0100, Bruce Cran wrote:
>> I suspect that these sorts of attacks are fairly normal if you're 
>> running ssh on the standard port. I used to have lots of 'break-in 
>> attempts' before I moved the ssh server to a different port.
> 
> Is there _any_ reason why moving from port 22 to something
> different is _not_ a solution?

If you run some sort of shell server, or where many people need to login using 
ssh, you'll have a bit of a support problem telling people to select the 
non-default port. Also, some might consider it security through obscurity, 
which is often said to be a bad thing.

-- 
Bruce Cran

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

I agree. I run ssh on a different port and still some hackers, usually from the 
Far East still detect it and try to gain access. It happens all the time. 
Remember there is a big difference between a break-in and an attempted 
break-in. It is a sad state of affairs that so much effort and energy and high 
IQ thinking is spent on security these days. If we could just channel all that 
energy into something more useful.

The point about giving so many others ssh logins is something I cringe on as 
well. I realize it's useful and needed, but there is a real myth out there that 
hackers are overwhelmingly intelligent and must be highly skilled to hack into 
someone's system. I think if you were to examine the real numbers you'd find 
the vast majority of break ins come from someone who either has a login 
username and password, bought or stole a username and password or overheard 
someone talking about their username and password. There are of course 
exceptions but the media and hype about all these intelligent hackers is just 
overblown. Loose lips sink ships. And as soon as more than one person knows a 
secret...it's no longer a secret.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"