On Tue, July 22, 2008 16:45, Les Bell wrote:
Moving sshd to a non-standard port is one of the worst examples of relying on security by obscurity. Its only advantage is that it cuts out some noise in the logs, but proper precautions do that as well, without lulling you into a false sense of security.
I think you've put your finger on a key point here -- what most people really want here is a reduction in log noise.
I'd suggest the best way to achieve that is to not display SSH logon failures :-). If you instead scan the *successes*, you're much more likely to actually spot any problem that occurs.
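An added example, not part of the original message: one way to review sshd *successes* rather than failures, flagging accepted logins from accounts or source networks outside a known baseline. The `EXPECTED` baseline, host names and log lines are constructed assumptions; the line format is the usual OpenSSH "Accepted ... for ... from ... port ..." syslog message.

```python
import ipaddress
import re

# Matches OpenSSH "Accepted <method> for <user> from <ip> port <n>" lines.
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Assumed baseline: networks each account normally logs in from.
EXPECTED = {
    "alice": ["192.0.2.0/24"],
    "backup": ["198.51.100.17/32"],
}

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = """\
Jul 22 16:01:12 gw sshd[811]: Failed password for invalid user admin from 203.0.113.9 port 4711 ssh2
Jul 22 16:01:15 gw sshd[813]: Failed password for root from 203.0.113.9 port 4712 ssh2
Jul 22 16:05:40 gw sshd[902]: Accepted publickey for alice from 192.0.2.44 port 50122 ssh2
Jul 22 16:20:03 gw sshd[955]: Accepted password for backup from 203.0.113.9 port 4790 ssh2
Jul 22 16:31:58 gw sshd[990]: Accepted publickey for carol from 192.0.2.60 port 50410 ssh2
"""

def review_successes(log_text, expected=EXPECTED):
    """Return (user, ip, method, reason) for each success worth a look."""
    findings = []
    for line in log_text.splitlines():
        m = ACCEPTED.search(line)
        if not m:
            continue  # failures and unrelated lines are ignored on purpose
        user, method = m["user"], m["method"]
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            findings.append((user, m["ip"], method, "unparseable source"))
            continue
        nets = expected.get(user)
        if nets is None:
            reason = "account not in baseline"
        elif not any(ip in ipaddress.ip_network(n) for n in nets):
            reason = "unexpected source address"
        else:
            continue  # known account from a known network
        findings.append((user, str(ip), method, reason))
    return findings

if __name__ == "__main__":
    for f in review_successes(SAMPLE_LOG):
        print(*f, sep="\t")
```

On the sample input, the two failed attempts produce no output, while the `backup` login from the address that had just been failing and the login for the unlisted `carol` account are both reported.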