On Mon, Jul 12, 2010 at 4:41 PM, Leonardo Carneiro - Veltrac <lscarne...@veltrac.com.br> wrote: >>>> Well, them and anyone who knows how to half-assed run nmap or any other >>> numerous service fingerprinting utilities. >> >> Even with sshd moved, when I finally decided to block port 22, my >> bandwidth use dropped noticeably. >> > You made the point: bandwidth!
umm... this is *INSIDE* the corporate network. If there's anyone portscanning my box, I want to know about it, especially since I have the power to go smack hands. And if there was someone capable of breaking ssh, that person would find it no matter what port it's on. He also did some other brilliant things such as set up a boot up password, bios password and other assorted "security" things. Guess what happened? He didn't tell me he did it, and he forgot the passwords. He got to spend half a day in the data center rebuilding crap. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4