reverse ssh

Guy Gold guy1gold at gmail.com
Tue Jul 22 15:47:50 IDT 2014


>
>>>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>>>
>>>>> Hi Erez,
>>>>>
>>>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>>>
>>>>>>
>>>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>>>
>>>>>
>>>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>>>>
>>>>
Although this can become a flame-war :)

Source:
https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/

==Begin quote ==

But there are more reasons why this is a bad idea and one of the most
important reasons has to do with a bit of the (Linux) way of handling TCP/IP
ports. When you are logged onto a system as a non-root user (anyone not
being uid 0), you cannot create a listening TCP or UDP port below 1024. This
is because port numbers below 1024 are so-called privileged ports and can
only be opened by root or processes that are running as root. So for
instance, when your webserver (apache, nginx etc) will start, it will do so
as the privileged root user in order to open up a listening connection to
port 80 (the port that by default will be used for HTTP traffic). Now, as
soon as the port is opened and everything that needs to be done as root is
done, the webserver will fall back to a non-privileged user (either the
www-data, apache, or nobody user). From that point, when something bad is
happening, it is only limited to the rights that that user has.

Now, back to SSH: when we start SSH on port 22, we know for a fact that
this is done by root or a root-process since no other user could possibly
open that port. But what happens when we move SSH to port 2222? This port
can be opened without a privileged account, which means I can write a
simple script that listens to port 2222 and mimics SSH in order to capture
your passwords. And this can easily be done with simple tools commonly
available on every linux system/server. So running SSH on a non-privileged
port makes it potentially LESS secure, not MORE. You have no way of knowing
if you are talking to the real SSH server or not. This reason, and this
reason alone makes it that you should NEVER EVER use a non-privileged port
for running your SSH server.
==End quote==

Reading the whole page is recommended.

Though, some of Joshua Thijssen's points can be argued against (not by
myself, but I'm sure some folks can find some caveats in his article). I
tend to agree with what he points out.

I do acknowledge that SBO (security by...) divides sysadmins quite a
bit. Some live by it, and some, well, ridicule it, and for them, seeing
another sysadmin use such a method is a telltale sign of anachronism. The
beauty is that we can all choose, and what is important is being informed.

-- 
Guy Gold
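
An added example, not part of the original post or the quoted article: a server-side check for the condition the quote describes, a listener on the SSH port that is owned by a non-root uid. It parses the Linux /proc/net/tcp table format; the sample table, the function names and the choice of port 2222 are assumptions made for illustration.

```python
"""Flag TCP listeners on a given port that are not owned by root (uid 0)."""
import sys

TCP_LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp format (not captured from a real host):
# a root-owned listener on 22, a uid-1000 listener on 2222, and one
# established connection to 2222 that must not be reported as a listener.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 15001 1 0000000000000000 100 0 0 10 0
   1: 00000000:08AE 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 27311 1 0000000000000000 100 0 0 10 0
   2: 0100007F:08AE 0100007F:D431 01 00000000:00000000 00:00000000 00000000  1000        0 27320 1 0000000000000000 20 4 30 10 -1
"""

def listeners(table_text):
    """Yield (port, uid, inode) for every socket in LISTEN state."""
    for line in table_text.splitlines()[1:]:  # first line is the header
        fields = line.split()
        if len(fields) < 10 or fields[3] != TCP_LISTEN:
            continue
        # local_address is HEXADDR:HEXPORT (the address is longer in tcp6)
        port = int(fields[1].rsplit(":", 1)[1], 16)
        yield port, int(fields[7]), int(fields[9])

def non_root_listeners(table_text, port):
    """Return listeners on `port` whose owning uid is not 0."""
    return [entry for entry in listeners(table_text)
            if entry[0] == port and entry[1] != 0]

def audit(port, paths=("/proc/net/tcp", "/proc/net/tcp6")):
    """Run the check against the live kernel tables (Linux only)."""
    findings = []
    for path in paths:
        try:
            with open(path) as handle:
                findings += non_root_listeners(handle.read(), port)
        except OSError:
            continue  # table not present, e.g. IPv6 disabled
    return findings

if __name__ == "__main__":
    ssh_port = int(sys.argv[1]) if len(sys.argv) > 1 else 2222
    for port, uid, inode in audit(ssh_port):
        print(f"port {port}: listener owned by uid {uid} (socket inode {inode})")
```
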