On Mon, Jul 12, 2010 at 4:41 PM, Leonardo Carneiro - Veltrac
<lscarne...@veltrac.com.br> wrote:
>>>> Well, them and anyone who knows how to half-assed run nmap or any other
>>> numerous service fingerprinting utilities.
>>
>> Even with sshd moved, when I finally decided to block port 22, my
>> bandwidth use dropped noticeably.
>>
> You made the point: bandwidth!

umm...  this is *INSIDE* the corporate network.  If there's anyone
portscanning my box, I want to know about it, especially since I have
the power to go smack hands.

And if there was someone capable of breaking ssh, that person would
find it no matter what port it's on.

He also did some other brilliant things such as set up a boot up
password, bios password and other assorted "security" things.  Guess
what happened?  He didn't tell me he did it, and he forgot the
passwords.  He got to spend half a day in the data center rebuilding
crap.


--
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
"This officer's men seem to follow him merely out of idle curiosity."
-- Sandhurst officer cadet evaluation.
"Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks
factory where smoking on the job is permitted."  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=30v_g83VHK4

Reply via email to