3 comments

[ 2.8 ms ] story [ 17.7 ms ] thread
Changing the SSH port from the default can be one part of a full defense strategy. The term "defense in depth" means there is more than one defensive mechanism, typically so that if a baddie is able to circumvent one mechanism, they'll be trapped by another. In this case, moving the SSH port massively reduces exposure to naive port scanners. I agree it's not a particularly strong protection, but it's a practical one (at least until everybody does this, at which point the cloud providers will just start adding port knockers).
Indeed. Obscurity is not security, but it can act to harden and enhance any real security measures which are in place.
I don't see the issue here. From http://en.wikipedia.org/wiki/Defense_in_depth_(computing):

> In terms of computer network defense, defense in depth measures should not only prevent security breaches, but also buy an organization time to detect and respond to an attack, thereby reducing and mitigating the consequences of a breach.