[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] tcp open ports on wan interface in 1.1
 Date:  Sun, 12 Sep 2004 15:21:46 -0700 (PDT)
On Fri, 3 Sep 2004, Chet Harvey wrote:

> 1 suggestion, move SSH off of port 22 and change the response field to not ID 
> as SSH. I love watching people run RDP hacks on port 3389 which isn't RDP. I am 
> freak like that =)

Eliminating the SSH herald could confuse some clients, especially ones
that care about the version.  SSH with only RSA/DSA authentication allowed
is pretty secure, anyway.

					Fred Wright