[Ach] Feedback to applied-crypto-hardening.pdf - Webservers - OpenSSH

Torge Riedel torgeriedel at gmx.de
Sat Dec 23 12:19:23 CET 2017


On 22.12.2017 at 14:47, Sam Bull wrote:
> I was also under the impression that these reserved ports were better protected
> by the OS, changing to a non-standard port could actually result in reducing
> security.
>
> A very quick Google seems to agree with what I remember, e.g.
> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/
>
> Leaving it on the default port ensures the OS will be doing everything it can to
> protect it. Changing it might reduce the number of random brute force attempts
> (but these are not going to succeed if you've secured your system anyway), but
> might make your server more vulnerable to an actual targeted attack (which is
> significantly more likely to succeed).

Thanks, good point. Never thought in that way about it.

I will change back to the standard port and see what. Since I followed the nice guide, my server should be protected.

Regards
Torge


