I think the point behind it is to waste the sniffers time sniffing for ports that it could be using to be making attempts.

Its not a security thing, it’s just increasing the cost to snoop.