Posted Mar 6, 2007 15:27 UTC (Tue) by bronson
In reply to: agree
Parent article: Single Packet Authorization (Linux Journal)
nmap will find sshd on port 23 without even breaking a sweat. It will also eventually discover it on port 31337, even if you aggressively block portscanning. But it will never find your knock sequence.
I agree that moving sshd's listening port currently deters many script kiddies. But it's like greylisting: it's utterly trivial to get around. Once a lot of people put sshd on different ports, the kiddies will just learn how to use nmap.