l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2006 Jun 17 10:15

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Why change default ssh port?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Why change default ssh port?

Quoting Ryan (cjg5ehir02@sneakemail.com):

> SSH is very easy to configure client-side to default to diffrent ports for 
> diffrent hosts, and that is a one-time operation (you don't use SSH from 
> untrusted hosts, do you?[1]).


I have cautionary anecdotes I could give you, about compromise of the
$COMPANY corporate network (but not of my own machines) because some
nitwit $COMPANY sysadmin ssh'd out to shells.sourceforge.net^W^W^W^W^W
some public Internet host that had been compromised, and then ssh'ed or
scp'ed back in.

And then there was another possibly recognisable but carefully unnamed
Linux firm where I was chief sysadmin but greatly distrusted the Chief
Technical Officer (with good reason), and therefore bought a used laptop
that I _always_ used for encrypted comunication, in order to ensure
integity of both ends (because I had reason to doubt the integrity of my
company-issued workstation.

But it's possible that you're missing my point:  I'm _not_ saying it's
difficult to use a variety of pots.  I'm saying (among other points)
that it's beneath my dignity to hide my Internet presence from script
kiddies, bots, spammers, enterprising Nigerians, etc., and that I have
better and more dignified ways of making them vanish into deserved

> And I do want to know about any cracking attempts, but at the same
> time I want to reduce the volume of them that get to talk to my
> server.  

Alternative approach:  Use superior technology so you don't have to
care, regardless of volume.

> Likewise, I make my email addresses hard to come by 
> because that is easier then deailing with large volumes of spam.

I use a third alternative:  effective technical measures at my MTA.

Again, I'll be damned if I'll ever be driven away from having a fully
public Internet presence.  We were here first, and we're better at this
than they are.  

I'm glad your approach works for you.  I'm just explaining mine.

(Linux Gazette obscures my e-mail address on its roster of editors, but
that's against my mild objection to the practice.  I don't raise a fuss
because it'd create unjustifable work to remove the munging from my
address alone -- but Ben Okopnik, the editor in chief, is aware of my 
opinion, and appreciates my not insisting.)
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.