Obscurity and the Open Port Problem
Some people like to configure services on nonstandard ports. They think it hides the web server from either malicious users or even from search bots. While you can configure services to listen on nonstandard ports, there may not be much value in it. If an attacker is looking to find services running on a system, it’s trivial to run a port scan. What you end up doing is making it a little more complicated for your users, who you expect to connect to your service. Client applications to network services are configured to connect to the well-known ports, so if you want to have a client connect to the server, the client would have to do something different from just running the client.
There used to be a lot of ...
Get Security Strategies in Linux Platforms and Applications, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
