[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] re: Telnet security
- Subject: RE: [cobalt-security] re: Telnet security
- From: "Adam Sculthorpe" <sculthorpe@xxxxxxxxxxxxx>
- Date: Wed, 25 Apr 2001 20:23:52 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
To answer your question directly a lot of the tools / scripts out there rely on standard ports
simply because given a small period of time enough systems will be compromised to not
have to worry about the non-standard ones.
It depends on the attacker, if you are being specifically targetted then they will be more
thorough of course and changing ports will not help you very much at all, I do not promote
the reliance upon this, I am merely stating it helps reduce risk.
Adam
*********** REPLY SEPARATOR ***********
On 25/04/2001 at 18:13 Drage, Nicholas wrote:
>> -----Original Message-----
>> From: Adam Sculthorpe [mailto:sculthorpe@xxxxxxxxxxxxx]
>> Sent: 25 April 2001 15:16
>
>> SSH1 logins can also be sniffed and cracked in a switched
>> environment,
>
>Can you expand on this a bit further if you have the time?
>
>> use SSH2 on a non-standard listening port
>
>Why a non-standard port, that won't make a great deal of difference will
>it?
>Anyone capable of successfully cracking a switched environment should be
>capable of dealing with a change in port numbers IMHO.
>
>( kept on the list due to SSH being important for Cobalt admin.... and a
>lot
>of people being in switched environments in co-lo facilities I bet )
>
>--
>Nick Drage - Security Architecture - Demon Internet - Thus PLC
>As of Wed 25/04/2001 at 16:00
>This computer has been up for 0 days, 22 hours, 28 minutes, 34 seconds.
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security