Security Basics mailing list archives

Re: Roger's last comment on changing Port defaults


From: cc <cc () belfordhk com>
Date: Fri, 21 Jan 2005 11:46:54 +0800

Roger A. Grimes sighed and wrote:
> Offline, the mail to me has been 75% in support (including many
> enterprise security officers telling me they have been using the idea
> for years), 25% think I'm an idiot.  I'm not sure which way I'm leaning.

Using non-standard ports is definitely a good way of protecting
oneself from the mishmash of aliens out there in the 'Net.  That
said, it depends on the application or, rather, the situation.


> Imagine a house whose outside walls were nothing but doors-after-doors,
> wall-to-wall, corner to corner.  Most fake, and only one real one. On a
> normal house, thief tries front or back door (or breaks window) to enter
> house (or uses some other vector).  He still has to try a key, pick it,
> or bust down the correct door when he finds it.  My plan makes it more

Not quite a good analogy in this case.  A thief would normally recon the
area and determine the suitable target.  Say, he selects your house.
Seeing that many doors, he wouldn't know which one to break or open.
But like I mentioned, he would do a reconnaissance.  Check out who
goes in and comes out and from which door.   Then he'd concentrate
his efforts on that particular door.

As for non-standard ports, it is one step towards security but not
by that much.



