Welcome to the Power Users community on Codidact!
Power Users is a Q&A site for questions about the usage of computer software and hardware. We are still a small site and would like to grow, so please consider joining our community. We are looking forward to your questions and answers; they are the building blocks of a repository of knowledge we are building together.
What is the main reason for some website hosting companies to change ports?
Some website hosting companies change port 22 to some other open port.
I don't think that information security is the main reason to do that; first, because many hosting companies would explicitly state the alternative port in their documentation and second, because port scanners could generally find any alternative port.
Perhaps the main reason is that a small or starting website hosting company can have a non-virtual-computer-system with, say, two virtual-computer-systems, one with port 22 and one with port X as that allows them to save in equipment, otherwise, why doing it?
1 answer
Many automated scanners will attempts brute forcing SSH servers running on port 22 using common username+password pairs. This is relatively easy. You just have to pick an IP range and you have as many ports to test as there are IPs in the range (one port per IP).
Change the SSH port to a different one and now there are thousands of ports to test per IP in that same range. This makes this type of attack unfeasible. Finding an open SSH port on a particular host is relatively easy, but if you're attempting to brute force thousands of hosts it may not be worth it. There are many easier targets.
0 comment threads
0 comment threads