On Fri, Mar 21, 2014 at 4:18 PM, <m.roth at 5-cent.us> wrote: >> >> #5 (non-standard port) is very useful. Not for protecting yourself >> against attack, but from not having your log files fill up with all of >> the automated attack scripts. Which makes it easier to spot the more >> serious attackers who have taken the time and effort to find your SSH >> port. > > Huh! That's the *only* rationale I've ever heard for security through > obscurity that actually makes sense. (One of my ongoing "goals" for the > annual review is cutting down the noise in our logs.) > <snip> It's all obscurity even if you think you can call it something else. OpenVPN over UDP configured to not respond at all unless the certificates match is even better at being hard to find with random probes, though. -- Les Mikesell lesmikesell at gmail.com