[CentOS] Linux malware attack

Tue Mar 25 16:38:17 UTC 2014
Les Mikesell <lesmikesell at gmail.com>

On Fri, Mar 21, 2014 at 4:18 PM,  <m.roth at 5-cent.us> wrote:
>>
>> #5 (non-standard port) is very useful.  Not for protecting yourself
>> against attack, but from not having your log files fill up with all of
>> the automated attack scripts.  Which makes it easier to spot the more
>> serious attackers who have taken the time and effort to find your SSH
>> port.
>
> Huh! That's the *only* rationale I've ever heard for security through
> obscurity that actually makes sense. (One of my ongoing "goals" for the
> annual review is cutting down the noise in our logs.)
> <snip>

It's all obscurity even if you think you can call it something else.
OpenVPN over UDP configured to not respond at all unless the
certificates match is even better at being hard to find with random
probes, though.

-- 
  Les Mikesell
    lesmikesell at gmail.com