• boatswain@infosec.pub
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      I see this claim all the time, and it bugs me every time. Obfuscation is a perfectly reasonable part of a defense in depth solution. That’s why you configure your error messages on production systems to give very generic error messages instead of the dev-centric messages with stack traces on lower environments, for example.

      The problem comes when obscurity is your only defense. It’s not a full remediation on its own, but it has a part in defense in depth.

      • dan@upvote.au
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Changing the port isn’t really much obfuscation though. It doesn’t take long to scan all ports for the entire IPv4 range (see masscan)

        • lud@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          It helps against stupid automated attacks though.

          If someone has changed the port it’s likely that they have set up a great password or disabled password auth all together.

          It’s worth it for just having cleaner logs and fewer attempts.