lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: infsec at gmail.com (Willem Koenings)
Subject: OpenSSH is a good choice?

On Fri, 24 Dec 2004 18:19:34 +1300, Ben Hawkes
<ben.hawkes@...adise.net.nz> wrote:

> the internet being high enough to be an attractive target for a worm. In
> the end, running a service on a non-standard port at this point in time
> is a useful part of a layered security approach, if only to inhibit
> worms.

Not only the worms. Consider this scenario - person gets on his hand
new sshd 0day exploit and now wants to play with it. He starts to find
possible victims. How he starts to find them, what is the most logical
approach? He chooses some c class /24, takes out his favorite scanner
and starts sweep through class c to find port 22. Why?

- scanning through all 65535 is very inefective and time consuming
- amount of people who relocated sshd to some other port is marginal
- in he does not find somone vulnerable quick enough, he might lose his intrest
- he is not attacking somone in person, he is just fishing, seaching
anyone, who is running sshd.

If your computer port 22 does not answer to the scan, you are omitted,
he goes on and does not waste his time to your computer - there are
plenty other fishes in the sea.

I'e noticed, that most victim searches are performed in similar
manner. But things are completly different, if you happened to piss
somone of - then you automatically are under his undivided attention.

all the best,

W.

Powered by blists - more mailing lists