Alert!!

[Alexander Dalloz]

Am Do, den 16.09.2004 schrieb Ow Mun Heng um 2:50:

> > To prevent to let the script kids find their target on my hosts running
> > a public available sshd, I changed the listening default port from 22 to
> > something different.
> > Comment: this is no security setting, 
> 
> Security by obscurity.. :-)

Yes. But you quoted me so unfortunate that one could have the idea I did
the change for security. That is not the case. If you read my comment
about this _fully_ you easily see that I never claimed that a security
change. I did it to get rid of these hack attempts in my logs. For the
moment this is enough to stop the scripts. When they begin to really
scan for the ports with SSH behind I will activate portknocking. Not
because I have insecure passwords in use or do not keep both eyes on
necessary security updates, but because I do not like to have to go each
day to hundreds of log file lines caused by wannabee intruders.

Sorry, I felt that was necessary to say that clear. I do not vote for
"security by obscurity" in any way. (Though your comment Heng, has a
smiley.)

> Ow Mun Heng

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp 
Serendipity 02:52:28 up 17 days, 9 users, load average: 0.48, 0.70, 0.57
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040916/cd0256ec/attachment-0001.sig>