Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Some new SSH exploit script?

From: litch <litch () dawntempo net>
Date: Wed, 07 Jun 2006 21:46:37 +0200
Adam.Chesnutt írta:

silentw wrote:

Running a service on a non-standard port yields zero increase in
security.  That was my point.


I completely disagree for several reasons.

There has been much talk about the number of connections on port 22.
thousands of random connections that just waste your time. If you dont
have a guessable password why do you care ? reasurces.



what if i dont like to see 1000 lines in the log?
btw what if i put to the 22 port a program which seems like an sshd and put the real sshd to the port 22222? the kiddies try to hack the fake sshd and they just dont know it is waste of time. 

------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. 
------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: