[Discuss] S/W in Linux to change its default ports
Thor Heinrichs-Wolpert
thor.wolpert at maximusbc.ca
Mon Jan 8 15:00:46 PST 2007
True, but AFAIK rate limits don't work on issues that haven't been
discovered or patched. Not the penultimate of security, but a little
obfuscation never hurt.
Since we travel a bunch and haven't invested in mobile network cards, we
can't use restricted IPs. I'd love to, but so far it's not an option.
Cheers,
Thor HW
-----Original Message-----
From: discuss-bounces at vlug.org [mailto:discuss-bounces at vlug.org] On
Behalf Of R. McFarlane
Sent: Monday, January 08, 2007 12:25 PM
To: discuss at vlug.org
Subject: Re: [Discuss] S/W in Linux to change its default ports
On 1/8/07 11:50 AM, Thor Heinrichs-Wolpert wrote:
> I'd have to agree. We work on lots of systems and have a similar
> approach to what Scott is saying. We have several zones, but the
> Internet goes to our DMZ, where each box is hardened itself (rather than
> just rely on the firewall) and all of the standard ports are moved
> (except public http/s). The amount of script kiddie attacks dropped by
> over 90% as soon as we switched the ports ... so I think it's a great
> idea to change them.
>
> On another note, a friend of mine that runs lots of systems in
> Vancouver (ISP / ASP type) has different port ranges for different
> client groups. All of his local tools just use the ssh tunnel, so it's
> only the ssh connection ports that are different and the firewalls move
> them into the proper DMZ based on range. I thought it was an
> interesting approach and seemed to work exceptionally well for their
> support team.
>
> Cheers,
I don't have any problems with script kiddies since I rate limit the
ports under attack or I limit the ports to only allowed IPs.
Case in point, ssh attacks are non-existent on my server with the rate
limit in effect, but I am still able to connect to the server without
having to remember an alternate port.
The only ports I have set as alternates are for the other machines I
want SSH access to.
--
www.mcfarlanecomputing.net