Changing SSH and Apache ports
Scot L. Harris
webid at cfl.rr.com
Thu Dec 15 01:10:47 UTC 2005
On Wed, 2005-12-14 at 19:54, Cameron Simpson wrote:
> What nobody has mentioned is that this buys next to no security. A port
> scan will find your service regardless of the port.
>
> Also, changing the port number can make your service hard to reach for
> legitimate users; for example from inside my workplace the prxoy would
> not permit me to reach a web site served on port 666.
>
> Moving port numbers around is usually pointless. Not always, just usually.
This was discussed at length in several recent threads.
But you are correct, at best this is security by obscurity. And any
determined hacker will run a full port scan and find the port anyway.
What it is good for however is keeping the vast majority of script
kiddies from littering your log files with junk. This may be more
useful for ssh ports than httpd ports.
Plus the OP asked how and he was provided with the answer. :)
More information about the fedora-list
mailing list