The risk reduction is negligible if someone is doing a portscan on your host. Co... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sespindola on Feb 22, 2012 \| parent \| context \| favorite \| on: SSH Do’s and Don’ts The risk reduction is negligible if someone is doing a portscan on your host. Connection attempts to non standard ports will eventually occur. The better solution is to use single packet authorization.[1] 1. http://cipherdyne.org/fwknop/

Florin_Andrei on Feb 22, 2012 [–]

Yeah. It depends on how persistent they are. Using DROP on all closed ports may discourage some attackers. Others may remain undeterred.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact