For anyone who has changed the port used by SSH on their SME servers, there has been a report of the classic SSH password harvesting attack against SSH on port 2222:
http://bsdly.blogspot.ca/2013/02/theres-no-protection-in-high-ports.htmlUse of a non-standard port has always been discounted as any sort of true security improvement for ssh (see
Guessing passwords from 2005), but many (including myself) have changed the port anyway in order to decrease log noise.
0 Replies
1113 Views