On that second point use actual random port numbers. Don’t be like oh this webapp defaults to port 443, I’ll use 4443. You have 65000 ports to pick from. Maybe good to avoid any number that ends in a well known port too. 23,22,25,80,443,8080,8081
Comment on Home server tips and security for beginners?
lntl@lemmy.ml 9 months ago
- disable password auth for pubkey when you can
- don’t use default ports
- open as few ports as possible
- be conservative with your firewall, this is your server and not a public service
vsis@feddit.cl 9 months ago
Random ports are easy to discover and are tools to discover what service is behind a port.
It’s annoying for the legitimate user and easy to bypass by an actual attacker.
Also, if you use a random port above 1024 it could be a security issue since any user could star listening if the legitimate process crashes.
See this
lntl@lemmy.ml 9 months ago
You’re advocating for running private services on the default ports?