[kwlug-disc] Tightening up SSH

Darcy Casselman dscassel at gmail.com
Mon Jul 19 11:11:39 EDT 2010


On Mon, Jul 19, 2010 at 10:23 AM, Dave Cramer <davec at visibleassets.com> wrote:
> I disagree. Any security mechanism that relies on obscurity is not
> secure. Just harden it.  It's trivial to port scan you anyway.

A non-standard port isn't security.  It's a log-sanitation exercise.

The idiots who it'll stop weren't going to get in anyway, but it means
any attempt that shows up in your logs is a marginally more serious
and relevant threat.

Darcy.



More information about the kwlug-disc_kwlug.org mailing list