Security Incidents mailing list archives
Re: SSH attacks?
From: "Pieter-Bas IJdens" <pieter-bas () ijdens com>
Date: Thu, 29 Jul 2004 12:44:32 +0200 (CEST)
Another word about to worry: I want to worry about system security as neither me nor the software is perfect. I do not believe in security by obscurity (although I must admit that sometimes it works extremely well). Once I stop worrying I may ovberlook the one attempt that really hurts me. Better to stay alert. :-)
Indeed. I just moved them because I was sick of all the automated scans on these ports. I still have the same update policies for those as I used to have and treat them no different from other parts of the system. It just saves time. It also has some minor benefits with respect to 0-day exploits, but for the rest has no real added value with respect to system security. Then again, system security is a total package of measures of course, and having this as part of it has some added value. Security by obscurity is never an option. If it works extremely well that is probably just because noone is trying hard enough :)
to a different port I didn't get any ssh probes anymore (obviously). Got rid of all these ssh-worm attacks (good old days) in a second, and I personally don't mind supplying people a port number with their username/password. The same can be done for many other services that are not port-bound. Kindof takes the fun out of automated subnet scans.True, but there are some minor services as smtp and http which still should be reachable on their standard ports. So the fun continues. :-)
That is right indeed. Keep reading the logs :) Pieter-Bas
Current thread:
- SSH attacks? Robin (Jul 27)
- Re: SSH attacks? Tobias Rice (Jul 27)
- Re: SSH attacks? Chris Brenton (Jul 28)
- Re: SSH attacks? Josh Tolley (Jul 27)
- Re: SSH attacks? Chris Brown (Jul 27)
- Re: SSH attacks? Adam Young (Jul 27)
- Re: SSH attacks? Christine Kronberg (Jul 29)
- Re: SSH attacks? Pieter-Bas IJdens (Jul 29)
- Re: SSH attacks? Christine Kronberg (Jul 29)
- Re: SSH attacks? Pieter-Bas IJdens (Jul 30)
- Re: SSH attacks? Frank Knobbe (Jul 30)
- Re: SSH attacks? Jay D. Dyson (Jul 30)
- Re: SSH attacks? Frank Knobbe (Jul 31)
- Re: SSH attacks? mgotts (Jul 31)
- Re: SSH attacks? Christine Kronberg (Jul 29)
- Re: SSH attacks? Tobias Rice (Jul 27)
- Re: SSH attacks? Steve Schuster (Jul 29)
- Re: SSH attacks? Merlijn Tishauser (Jul 30)
- Re: SSH attacks? Jyri Hovila (Jul 29)
- Re: SSH attacks? Chris Brenton (Jul 29)