[HECnet] Re: [DECtec] NTP vulnerability in VMS 8.3
Cory Smelosky
b4 at gewt.net
Wed Jan 8 13:10:31 PST 2014
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
Ahhhhh. I get what you're saying. I wasn't thinking in a VMS sense.
That is certainly sensible.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
More information about the Hecnet-list
mailing list