North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: a record?
On Nov 20, 2005, at 6:17 AM, Elmar K. Bins wrote:
I'm going to repeat what Sean said, because you clearly didn't read what he said:Unfortunately, we now have decades of experience in cybersecurity thatFunnily, I see many many more scanning attempts for the same port (or
"There are people actively scanning for any open ports running any protocol, without a SPECIFIC interest in your computer."
Allow me to re-state again in slightly different language so you understand this time:
Changing your port may (will?) lower the number of automated scans you see hitting your daemon, but it will _NOT_ eliminate them. IOW: Just because someone is probing for an SSH daemon on 65K ports against your box does _NOT_ mean he has a specific interest in your box.
If you honestly believe that just 'cause someone tried "ssh -p 63xxx $YOUR.BOX" it means he is specifically targeting your box, well, that is your prerogative. You are almost certain to be wrong at least part of the time, though.