[Tfug] Stopping repeated login attempts

Glen Pfeiffer glen at thepfeiffers.net
Thu Jan 28 10:14:51 MST 2010


On 27 Jan 2010, Bexley Hall wrote:
> > You are correct that choosing a non-standard port does not 
> > offer any real security. But if you understand that moving 
> > SSH to another port is akin to hiding the door and does not 
> > actually increase security, then I think it is a useful  
> > component of a security policy.
> 
> I wouldn't trust that sort of approach to protect any of *my*
> systems. You're assuming all threats are from "unknowns".

No, I'm not making that assumption. Nor did I say I would trust 
that approach to *protect* my systems either. I would not trust 
any *one* approach to protect any system ever!

Obviously I did not make myself clear the first time, so I'll try 
it again. For a low profile system, this could be a useful 
*component* of a security policy. The key word in that sentence 
is "component". By that I meant that there are other measures 
(notice the plural) being taken to protect the machine.


> > For low profile individuals/organizations, having hidden 
> > doors can prevent many if not most break-ins simply because 
> > nobody is looking for them.
> 
> Do you know that for sure? 

I know it from personal experience. Being obscure and not having 
any services running on standard ports reduces the number of 
attempts I receive to almost nothing. Obviously, this will not be 
true for everyone all the time. Which is why it can only be used 
as one *component* of a complete security policy.

And no, that's not the only thing I have in place.

-- 
Glen 




