Rant: People changing ssh ports
I just had to rant on this, I’ve seen it so much lately in my profession it is just making me sick. Changing your SSH or other ports for “security reasons” is stupid. Let me show you how stupid it really is. In this scenario I changed my port to 2242, something that I think is sneaky and will help. Now that I want to hack it, I can run nmap with the -sV option like so:
$ nmap -sV -p 1024-4096 my.awesome.ip.address
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2009-12-02 09:57 MST
Interesting ports on myhostname.com (my.awesome.ip.address):
PORT STATE SERVICE VERSION
2242/tcp open ssh OpenSSH 4.3 (protocol 2.0)
Nmap run completed
And what do you know, not only did it find the stupid port, it told me EXACTLY what was running on it, including the version number. If you manage your own servers, this is fine, go for it; just don’t expect your servers to be any more secure because of it. However, if you get help from any technical support company, changing the ports just pisses off technical support, because now they have to ask you what you have done to your server to make it inaccessible to them.
</rant>
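Here is why the scan above works no matter which port sshd sits on: the SSH server speaks first, sending its identification string ("SSH-2.0-OpenSSH_4.3" in the output above) to anyone who connects, so a scanner only has to read one line from each open port. The following is an added example, not code from the original post. It uses a constructed stand-in for sshd that listens on a random localhost port and sends only that identification line, a small banner reader, and a parser for the identification string format from RFC 4253 section 4.2; the port numbers and the second sample banner are constructed.

```python
"""Added example: moving sshd to another port hides nothing, because the
server announces its software and version on the first line of the
connection (RFC 4253, section 4.2).  Not code from the original post; the
fake server is a constructed stand-in that sends only the banner."""

import re
import socket
import threading
from typing import Optional

# Identification string format per RFC 4253 section 4.2:
#   SSH-protoversion-softwareversion [SP comments] CR LF   (max 255 chars)
_IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[0-9.]+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)


def parse_ssh_identification(line: bytes) -> Optional[dict]:
    """Parse one SSH identification line into its protocol version, software
    version and optional comment field; return None if it is not SSH."""
    text = line.decode("ascii", errors="replace").rstrip("\r\n")
    m = _IDENT_RE.match(text)
    if not m:
        return None
    return {
        "protocol": m.group("proto"),
        "software": m.group("software"),
        "comments": m.group("comments"),
    }


def read_banner(host: str, port: int, timeout: float = 2.0) -> bytes:
    """Connect and read whatever the service volunteers up to the first
    newline (or 255 bytes, the RFC limit for the identification line)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        data = b""
        while not data.endswith(b"\n") and len(data) < 255:
            chunk = s.recv(64)
            if not chunk:
                break
            data += chunk
        return data


def identify_service(host: str, port: int) -> Optional[dict]:
    """The check a version scanner performs: read the banner, parse it."""
    return parse_ssh_identification(read_banner(host, port))


def start_fake_sshd(banner: bytes) -> int:
    """Constructed stand-in for sshd (assumption, not a real server): bind a
    random free localhost port, send only the identification string to the
    first client, then close.  Returns the chosen port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve() -> None:
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def demo() -> tuple:
    """Run the fake server on an arbitrary port and identify it anyway.
    The banner text is the version string shown in the nmap output."""
    port = start_fake_sshd(b"SSH-2.0-OpenSSH_4.3\r\n")
    return port, identify_service("127.0.0.1", port)


if __name__ == "__main__":
    port, info = demo()
    print(f"port {port}: {info}")
```

The port the fake server picks is random, yet `identify_service` names the software and version every time, which is the whole point: the version string is what you have to keep patched, and the port number is not a secret worth relying on.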