[Discuss] S/W in Linux to change its default ports

R. McFarlane techie at mcfarlanecomputing.net
Mon Jan 8 12:24:46 PST 2007


On 1/8/07 11:50 AM, Thor Heinrichs-Wolpert wrote:

> I'd have to agree.  We work on lots of systems and have a similar approach to what Scott is saying.  We have several zones, but the Internet goes to our DMZ, where each box is hardened itself (rather than just rely on the firewall) and all of the standard ports are moved (except public http/s).  The number of script kiddie attacks dropped by over 90% as soon as we switched the ports ... so I think it's a great idea to change them.
> 
> On another note, a friend of mine that runs lots of systems in Vancouver (ISP / ASP type) has different port ranges for different client groups.  All of his local tools just use the ssh tunnel, so it's only the ssh connection ports that are different and the firewalls move them into the proper DMZ based on range.  I thought it was an interesting approach and seemed to work exceptionally well for their support team.
> 
> Cheers,


	I don't have any problems with script kiddies since I rate limit the 
ports under attack or I limit the ports to only allowed IPs.
	Case in point, ssh attacks are non-existent on my server with the rate 
limit in effect, but I am still able to connect to the server without 
having to remember an alternate port.
	The only ports I have set as alternates are for the other machines I 
want SSH access to.

-- 


www.mcfarlanecomputing.net
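
One way to express the rate limit and the allowed-IP restriction described in the reply above as iptables rules. This is an added example, not the poster's configuration: the post names no firewall or thresholds, so iptables with the `recent` match, the 60-second/4-connection values, the `rl_<port>` list name and the 192.0.2.x documentation addresses are all assumptions.

```shell
#!/usr/bin/env bash
# Added example: prints iptables-restore rule lines and changes nothing itself.
# Thresholds, list name and addresses are assumptions, not the poster's settings.

is_uint() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }
valid_port() { is_uint "$1" && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]; }

# ratelimit_rules PORT SECONDS HITCOUNT
# A source making HITCOUNT new connections to PORT within SECONDS is dropped,
# and stays dropped while it keeps trying (--update refreshes its last-seen time).
ratelimit_rules() {
  local port=$1 secs=$2 hits=$3
  valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
  is_uint "$secs" && [ "$secs" -ge 1 ] || { echo "bad window: $secs" >&2; return 1; }
  # xt_recent remembers 20 packets per source by default (ip_pkt_list_tot);
  # a larger --hitcount is refused when the rule is loaded.
  is_uint "$hits" && [ "$hits" -ge 2 ] && [ "$hits" -le 20 ] ||
    { echo "hitcount must be 2..20: $hits" >&2; return 1; }
  local m="-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m recent --name rl_$port"
  echo "$m --set"
  echo "$m --update --seconds $secs --hitcount $hits -j DROP"
  echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
}

# allowlist_rules PORT SOURCE...
# Only the listed addresses or CIDR ranges may open new connections to PORT.
allowlist_rules() {
  local port=$1 src
  valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
  shift
  [ "$#" -ge 1 ] || { echo "empty allowlist would lock everyone out" >&2; return 1; }
  for src in "$@"; do
    echo "-A INPUT -p tcp -s $src --dport $port -m conntrack --ctstate NEW -j ACCEPT"
  done
  echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j DROP"
}

# ruleset: wrap rule lines read on stdin into a filter-table fragment.
ruleset() {
  echo "*filter"
  echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  cat
  echo "COMMIT"
}

# Syntax check without loading (needs root):
#   ratelimit_rules 22 60 4 | ruleset | iptables-restore --test --noflush
```

With these rules the service stays on its standard port: a brute-force source is cut off after its fourth new connection in a minute, while an administrator making an occasional connection never reaches the threshold.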

