On Thu, 2004-09-16 at 08:59, Alexander Dalloz wrote: > Am Do, den 16.09.2004 schrieb Ow Mun Heng um 2:50: > > > > To prevent to let the script kids find their target on my hosts running > > > a public available sshd, I changed the listening default port from 22 to > > > something different. > > > Comment: this is no security setting, > > > > Security by obscurity.. :-) > > Yes. But you quoted me so unfortunate that one could have the idea I did > the change for security. That is not the case. If you read my comment > about this _fully_ you easily see that I never claimed that a security > change. I did it to get rid of these hack attempts in my logs. For the > moment this is enough to stop the scripts. When they begin to really > scan for the ports with SSH behind I will activate portknocking. Ah...portknocking.. now that's an interesing thing to consider. I've read up about it, read about the "why it's no use' sales pitch and yet to try it out. one of these day.. One of these days.. > Not > because I have insecure passwords in use or do not keep both eyes on > necessary security updates, but because I do not like to have to go each > day to hundreds of log file lines caused by wannabee intruders. I agree.. If they really want to scan for it, a simple thing like nmap -sV host.address | grep -i ssh would've worked. > > Sorry, I felt that was necessary to say that clear. I do not vote for > "security by obscurity" in any way. I don't either.. but sometimes it helps esp in cases such as what you described. >(Though your comment Heng, has a > smiley.) > Now.. Just for the record, I'm chinese and in the chinese way.. Ow - Surname Mun Heng - Given Name Heng? Well, not a lot of ppl call me that. It's either Ow (short/easy & for the office) or Mun Heng (others) > > Ow Mun Heng > > Alexander -- Ow Mun Heng Fedora GNU/Linux Core 2 on D600 1.4Ghz CPU kernel 2.6.7-2.jul1-interactive Neuromancer 09:52:34 up 1 day, 36 min, 7 users, load average: 1.74, 1.29, 1.21