[HECnet] Re: [DECtec] NTP vulnerability in VMS 8.3
Brian Schenkenberger, VAXman-
system at TMESIS.COM
Wed Jan 8 13:09:21 PST 2014
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
More information about the Hecnet-list
mailing list