[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] re: Telnet security
- Subject: RE: [cobalt-security] re: Telnet security
- From: "Adam Sculthorpe" <sculthorpe@xxxxxxxxxxxxx>
- Date: Wed, 25 Apr 2001 20:17:31 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Moving to non-standard ports reduces a high percentage of your risk, not all of it. When you consider the
significant volume of attacks are carried out by automated scripts then it makes sense to change port
numbers doesn't it? I think so!
Adam
*********** REPLY SEPARATOR ***********
On 25/04/2001 at 18:13 Drage, Nicholas wrote:
>> -----Original Message-----
>> From: Adam Sculthorpe [mailto:sculthorpe@xxxxxxxxxxxxx]
>> Sent: 25 April 2001 15:16
>
>> SSH1 logins can also be sniffed and cracked in a switched
>> environment,
>
>Can you expand on this a bit further if you have the time?
>
>> use SSH2 on a non-standard listening port
>
>Why a non-standard port, that won't make a great deal of difference will
>it?
>Anyone capable of successfully cracking a switched environment should be
>capable of dealing with a change in port numbers IMHO.
>
>( kept on the list due to SSH being important for Cobalt admin.... and a
>lot
>of people being in switched environments in co-lo facilities I bet )
>
>--
>Nick Drage - Security Architecture - Demon Internet - Thus PLC
>As of Wed 25/04/2001 at 16:00
>This computer has been up for 0 days, 22 hours, 28 minutes, 34 seconds.
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security
r