[Tfug] Stopping repeated login attempts
Glen Pfeiffer
glen at thepfeiffers.net
Thu Jan 28 10:14:51 MST 2010

On 27 Jan 2010, Bexley Hall wrote:
> > You are correct that choosing a non-standard port does not
> > offer any real security. But if you understand that moving
> > SSH to another port is akin to hiding the door and does not
> > actually increase security, then I think it is a useful
> > component of a security policy.
>
> I wouldn't trust that sort of approach to protect any of *my*
> systems. You're assuming all threats are from "unknowns".

No, I'm not making that assumption. Nor did I say I would trust
that approach to *protect* my systems either. I would not trust
any *one* approach to protect any system ever!

Obviously I did not make myself clear the first time, so I'll try
it again. For a low profile system, this could be a useful
*component* of a security policy. The key word in that sentence
is "component". By that I meant that there are other measures
(notice the plural) being taken to protect the machine.

> > For low profile individuals/organizations, having hidden
> > doors can prevent many if not most break-ins simply because
> > nobody is looking for them.
>
> Do you know that for sure?

I know it from personal experience. Being obscure and not having
any services running on standard ports reduces the number of
attempts I receive to almost nothing. Obviously, this will not be
true for everyone all the time. Which is why it can only be used
as one *component* of a complete security policy.

And no, that's not the only thing I have in place.
--
Glen