DEV Community

Discussion on: Top 10 Tips to Secure SSH Your Server

Michael K. • Edited

Thanks for your post. I agree with most of the stated points. But I'm actually not a big fan of #1 (changing the default port) for a couple of reasons:

1) In an environment with firewalls filtering inbound and outbound traffic, it is quite unlikely that a random, non-standard port will be reachable right from the beginning. This means you have to wait for additional ports to be opened by the net team after you have filled out long forms for this security change, as they are common in corporate environments.

2) In bigger organizations, where different staff set up systems and use them afterwards, the use of non-standard ports will cause more confusion than benefit.

3) Many SSH-based tools (such as Ansible, Fabric, ...) and even the normal Linux/Unix ssh client will need additional configuration parameters, such as an added "-p 221". The worst case would be to find an application which lacks this particular option and is not usable anymore.

4) It is not adding real security; it's more a variant of security through obscurity (stackoverflow.com/questions/533965...), and every port scan is going to find the ssh banner on port 221. For brute-force protection, I like the Fail2ban approach sergi mentioned beforehand.