Wednesday, 7 January 2015

ISC: Another Port For SSH Is Not Meaningless

Who SSH (Secure Shell) to log on to remote computers and servers will benefit from it to change the default port 22, as late as a handler of the Internet Storm Center (ISC) know. SSH is a popular protocol for managing computers. Standard protocol listens on port 22.

This will also be a lot of scans and attacks on this port. At present, there Reddit , in response to this article , a discussion or change the default port is wise. One of the criticisms is that " security through obscurity "is not a security measure, but only one way to slow an attacker and therefore offers little value. "While it is true that it is difficult to stop a determined attacker to cause you provide, any measure that prevents arbitrary script kiddies and scanners to your SSH look not entirely meaningless," says ISC handler Rick Wanner.

Wanner says more than 15 years SSH on a non-standard port to run, such as port 52222. "Of course this is not the only security measure that I use. I patch daily use hosts.allow where possible, keys and passphrases instead passwords and use Deny Hosts ", he tells. ISC handler notes that he does not use port 22 because of "security through obscurity" benefits, but because it eliminates all noise on port 22.

Port 22 is a favorite target of brute force attacks and port scans rising every year. These activities cause Wanner as much noise in the logs. "Why would you tolerate it if it is not needed?", He notes. The default port change he would attack traffic are much diminished that he occasionally his defense test to see if it still works.

No comments:

Post a Comment