The biggest benefit to changing the port is to avoid being seen by casual scans. Let’s get back to the original purpose of the post. Security through obscurity is effective if it’s one layer in a multi-layer security solution If “security through obscurity” tactics make up one layer of a multi-layered solution, I’d encourage you to obscure your environment as long as it doesn’t affect your availability. In addition, these layers of security should be applied within the environment so that breaking into one server after getting a pivot point in the environment should be just as difficult (if not more difficult) than the original attack that created the pivot point. This provides multiple levels of protection from initial attacks, like information gathering attempts or casual threats against known vulnerabilities. (This could probably turn into its own post but I’ll be brief for now.) Security should always be applied in layers. However, I see arguments crop up regularly about it (like this reddit thread or this other one).īefore I go any further, let’s settle the “security through obscurity” argument. Changing my ssh port from the default port (22) has been one of my standard processes for quite some time when I build new servers or virtual machines.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |