John R. Dennison
jrd at gerdesas.com
Sun Jul 17 00:03:30 UTC 2011
On Sun, Jul 17, 2011 at 12:03:52AM +0100, Always Learning wrote:
> If using SSH, FTP, phpmyadmin etc. etc. then DO NOT use the standard
> ports. Allocate a different IP address (if you have several) and use a
> non-web IP address for SSH and a different non-web IP address for
> phpmyadmin etc. WITH non-standard ports (you can go as high as about
> 64000). Also consider ONLY allowing access from predefined static IP
> addresses (under your control). Do not make it easy for the hackers.
The reality of the situation is that attacks are in almost all cases
non-targeted and are the results of automated scanning; playing security
through obscurity tricks with IP addresses is as futile as attempting to
You should not be running ftp at all; ftp should be allowed to die off
as it's insecure just as is any protocol that transits credentials on
the wire in plaintext. ftps is better; sftp/scp/rsync is better still.
phpmyadmin is a recipe for tears of blood; moving ports is better than
leaving it on 80/tcp, but better would be to not run it at all on a
In the cases of a targeted attack the attacker(s) will find your
services no matter what ports you have them hanging off of.
And TCP port numbers range from 0 to 65535.
The First Law of Holes:
"It is a good thing to follow the First Law of Holes: if you are in one, stop
digging." - Denis Healy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the CentOS