Cyber Security

22 readers

5 users here now

🕵🏿 Surveillance, Information security, Cybersecurity, Interoperability, Analytics, Data tracking, Digital Disinformation, Decentralised Finance, Algorithmic Sovereignty & Privacy By Design.

Questions and answers are encouraged. Be excellent to each other. 🕊️

founded 2 months ago

MODERATORS

[email protected]

Listen up, changing SSH daemon to non-standard port is a waste of time & even less secure (www.youtube.com)

submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

Stop it right now. It does not help your threat environment. It just makes things worse.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I don't really agree with the video for a number of points though I'd say that changing the port is not a security, but a convenience feature.

Privileged port is probably the best argument, however the attack mentioned here would only work for users not having connected to the host before, as otherwise you'd get a host key check failure. The host key wouldn't be readable by an attacker in the case mentioned, and you wouldn't be able to steal passwords if the user has a key authentication only.

Only allowing certain IPs won't work in a lot of non-commercial environments, and fail2ban can be used for DOSing the server as the attacker can spoof the sending IP to a legitimate one, denying access.

[–] [email protected] 1 points 2 weeks ago

Privileged port is a trust belief system where you believe that the remote system only offers services below port 1024 if they were started with elevated privilege. Author PK Dick once said reality is that which, when you stop believing in it, doesn't go away.

load more comments (1 replies)