Koozali.org: home of the SME Server
Contribs.org Forums => General Discussion => Topic started by: mmccarn on February 17, 2013, 04:51:44 PM
-
For anyone who has changed the port used by SSH on their SME servers, there has been a report of the classic SSH password harvesting attack against SSH on port 2222:
http://bsdly.blogspot.ca/2013/02/theres-no-protection-in-high-ports.html
Use of a non-standard port has always been discounted as any sort of true security improvement for ssh (see Guessing passwords (http://forums.contribs.org/index.php?topic=29505.msg123499#msg123499) from 2005), but many (including myself) have changed the port anyway in order to decrease log noise.