undefined | Better HN

0 pointsmoe11y ago0 comments

In other words, the inconvenience this brings is not adequate to the infinitesimal increase in security.

You are wrong. Please refrain from giving security advice.

Changing or filtering the SSH port prevents your host from being compromised by automated netrange sweeps in the event of a pre-auth ssh vulnerability. For this reason changing the SSH port is considered best practice.

0 comments

JoeAltmaier11y ago

Since port numbers are a very tiny space, that would amount to an infinitesimal increase in security, right? Essentially, 'hiding' the port is 'security through obscurity' which is a thoroughly discredited idea.

michaelmior11y ago

This is assuming that someone is specifically targeting your machine. In which case yes, changing the port number probably won't do much. But if someone is just hammering random servers on port 22, changing the port number is much more likely to be effective.

moeOP11y ago

You misunderstand.

Changing the port does nothing against targeted attacks and it's not about 'hiding' anything. The purpose is to take your host out of the scope of automatic scans which almost exclusively focus on the most common ports (22, 2222, 22222 ...).

Piskvorrr11y ago

Okay, a pre-auth vulnerability is a plausible option I didn't consider; you are right.

j / k navigate · click thread line to collapse