[CentOS] Securing SSH wiki article outdated
Chris Adams
linux at cmadams.net
Fri Feb 13 14:15:06 UTC 2015
Once upon a time, James Hogarth <james.hogarth at gmail.com> said:
> If you really want to SSH to a port other than 22 for a little obscurity
> use an iptables dnat to map the high port to local host 22 and block 22
> from external connections.
Yeah, the old "move stuff to alternate ports" thing is largely a waste
of time and just makes it more difficult for legitimate use. With large
bot networks and tools like zmap, finding services on alternate ports is
not that hard for the "bad guys".
--
Chris Adams <linux at cmadams.net>
More information about the CentOS
mailing list