this post was submitted on 29 Sep 2024
I don't really agree with the video on a number of points, though I'd say that changing the port is not a security feature, but a convenience feature.
The privileged port is probably the best argument; however, the attack mentioned here would only work for users who have not connected to the host before, as otherwise you'd get a host key check failure. The host key wouldn't be readable by an attacker in the case mentioned, and you wouldn't be able to steal passwords if the user has key authentication only.
Only allowing certain IPs won't work in a lot of non-commercial environments, and fail2ban can be used for DOSing the server as the attacker can spoof the sending IP to a legitimate one, denying access.
I posit that the point of the video is that port changing is an inconvenience non-feature, especially at scale of distributed legitimate use.