[kwlug-disc] Tightening up SSH
Darcy Casselman
dscassel at gmail.com
Mon Jul 19 11:11:39 EDT 2010
On Mon, Jul 19, 2010 at 10:23 AM, Dave Cramer <davec at visibleassets.com> wrote:
> I disagree. Any security mechanism that relies on obscurity is not
> secure. Just harden it. It's trivial to port scan you anyway.
A non-standard port isn't security. It's a log-sanitation exercise.
The idiots who it'll stop weren't going to get in anyway, but it means
any attempt that shows up in your logs is a marginally more serious
and relevant threat.
Darcy.
More information about the kwlug-disc
mailing list