[86839] in North American Network Operators' Group
Re: a record?
daemon@ATHENA.MIT.EDU (Matthew Sullivan)
Fri Nov 18 05:31:22 2005
Date: Fri, 18 Nov 2005 21:26:30 +1100
From: Matthew Sullivan <matthew@sorbs.net>
In-reply-to: <20051116060709.21150.qmail@xuxa.iecc.com>
To: nanog@nanog.org
Errors-To: owner-nanog@merit.edu
John Levine wrote:
>>>Moving sshd from port 22 to port 137, 138 or 139. Nasty eh?
>>>
>>>
>>don't do that! Lots of (access) isps around the world (esp here in
>>Europe) block those ports
>>
>>
>
>If you're going to move sshd somewhere else, port 443 is a fine
>choice. Rarely blocked, rarely probed by ssh kiddies. It's probed
>all the time by malicious web spiders, but since you're not a web
>server, you don't care.
>
>
Except if you're running a version of OpenSSL that has a vulnerability,
you could be inviting trouble - particularly with kiddies scanning for
Apache with vulnerable versions of OpenSSL attached by way of mod_ssl etc...
Regards,
Mat
