#1 ThoughtVelocity (Linux Newbie, joined May 2005, location OH, 160 posts)

Moving ssh port question


    If I arbitrarily choose a port for ssh to listen on other than 22 do I create any security issues other than perhaps stepping on some other services' toes that may be using it? Are there any major risks, other than me forgetting what I chose?

    {edit} nmap will still identify my randomly chosen ssh port. How do I have it not show up there?
    "If you are out to describe the truth leave elegance to the tailor."
    -Einstein

#2 DThor (Linux User, joined Jan 2006, location Ca..na...daaa...., 319 posts)

You should ensure you're not stepping on any other port's toes - double-check your /etc/services file to see those.

The only reason changing ssh ports is useful is that the vast majority of scripts/worms/invasive procedures don't bother scanning your ports to see what's running where. They're constantly scanning the world's standard ports looking for crackable machines; if they stopped to do that process, it would slow that scan to a comparative crawl (a few seconds for a standard poke, probably around 20 seconds for a scan - times thousands of systems). It's a bit like sweating over security in your home - if someone's *targeting* you for malicious purposes, then there's not a lot you can do (except harden the machine, follow protocols). What you want to do is discourage the attention of the thousands of scripts out there mindlessly hitting the standard ports, and what you're doing deflects the vast majority.

AFAIK, there's nothing you can do to stop someone from scanning the ports on any machine on the inet (short of putting a firewall between you and the inet that only allows access to certain ports - which you'd need to coordinate with your random-port solution - tough one), but that's ok. You're after discouraging, not stopping this.

    DT
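The "check /etc/services before you pick a port" step from the reply above, as an added example that is not part of the thread and not the poster's own script. It reads a file in /etc/services format from stdin (a constructed snippet is embedded so it runs offline; on a real host pipe in /etc/services instead), validates the candidate port number, reports any service already registered on that TCP port, and warns when the port falls inside the Linux default ephemeral range (32768-60999), where outgoing connections could occasionally collide with a listener. The `Port` directive and `sshd -t` are real sshd_config/sshd features; everything else here is the example's own assumption.

```shell
#!/bin/sh
# Added example: sanity-check a candidate sshd listening port before setting
# "Port <n>" in /etc/ssh/sshd_config. Not code from the forum thread.

# Constructed sample in /etc/services format, so the script runs offline.
# On a real machine use:  check_ssh_port 2222 < /etc/services
SAMPLE_SERVICES='# service-name  port/protocol
ssh             22/tcp
smtp            25/tcp
http            80/tcp
https           443/tcp
mysql           3306/tcp
postgresql      5432/tcp
vnc-server      5900/tcp'

# port_valid PORT -> returns 0 if PORT is an integer in 1..65535
port_valid() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # empty or contains a non-digit
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# services_conflict PORT < services_file
# Prints the service name registered for PORT/tcp (comment lines ignored);
# returns 0 if a registration exists, 1 otherwise.
services_conflict() {
    awk -v p="$1" '
        $0 !~ /^#/ && $2 == (p "/tcp") { print $1; found = 1 }
        END { exit found ? 0 : 1 }'
}

# check_ssh_port PORT < services_file
# One-line verdict on stdout. Return codes: 0 usable, 1 invalid, 2 conflict.
check_ssh_port() {
    _port=$1
    if ! port_valid "$_port"; then
        echo "invalid: '$_port' is not a port number in 1-65535"
        return 1
    fi
    # Command substitution inherits the function's stdin (the services file).
    _svc=$(services_conflict "$_port")
    if [ -n "$_svc" ]; then
        echo "conflict: port $_port is registered to '$_svc' in the services file"
        return 2
    fi
    _note=""
    if [ "$_port" -ge 32768 ] && [ "$_port" -le 60999 ]; then
        # Linux default net.ipv4.ip_local_port_range; outbound connections may
        # occasionally be handed this port, so prefer something below it.
        _note=" (inside the default ephemeral range; consider a lower port)"
    fi
    echo "ok: port $_port is unregistered$_note; set 'Port $_port' in sshd_config, then run 'sshd -t' before restarting"
    return 0
}

# Stand-alone demo over a few candidates against the constructed file.
for p in 22 2222 3306 40000 70000 abc; do
    printf '%s\n' "$SAMPLE_SERVICES" | check_ssh_port "$p" || true
done
```

The script only knows what the services file says; a port that is unregistered there can still have a live listener, so on the real host also confirm with `ss -ltn` that nothing is already bound to the port, and keep your firewall rules in step with the new port as the reply points out.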
