Subj : Re: SSH or no? (was: Nightmares / Dreams)
To   : Andre
From : boraxman
Date : Fri Apr 01 2022 21:18:37

 An> It probably limits it a bit, but it's not worth the bother. Tools like
 An> Shodan can find SSH across any port, or any of the other mass scanners
 An> can do the same thing. If someone finds a zero day for OpenSSH, it's not
 An> going to make any difference what port you're listening on because it's
 An> already been scanned and found and put into a database.
 An> 

They can, and I've experimented with a BBS with only SSH access, on a non standard port, and I get repeated failed attempts at the port multiple times a day.

The thing is, they'll be scanning telnet ports, and because that will communicate with plain text, it gives attackers a bit more of a clue of what is responding.

Remember, with SSH, you can't assume the other end is a shell, it could be a BBS, a VPN, it could be anything.

I guess this is another argument against telnet.

--- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
 * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)

.