[NBLUG/talk] I'm getting ssh scanned! Should I be worried?
troy
fryman at sonic.net
Thu Oct 7 14:55:03 PDT 2004
On Thu, Oct 07, 2004 at 02:24:36PM -0700, Bob Blick wrote:
>
> > * Use a non-standard port.
>
> What is a good non-standard port? Or is that a contradiction :)
I'd probably go for something above 1024 (since most system services use
low port numbers) Also, the default for many script kiddie tools stops
at 1024.
Definitely avoid:
25 SMTP
20,21 FTP
23 telnet
53 dns
80 web
111 RPC
139,137 NetbIOS
445 SMB over tcp
3306 mysql
6699: common PTP port.
8080 common proxy server port.
Those are the big targets.
Pick a number not on this list:
http://www.insecure.org/nmap/data/nmap-services
And you're in as good as shape as you can be in regarding a non-common
port.
-troy
More information about the talk
mailing list