[Info-vax] VSI OpenVMS Hobbyist Program Announced.

Bill Gunshannon bill.gunshannon at gmail.com
Thu Jul 4 17:06:34 EDT 2019 

On 7/4/19 3:29 AM, Jan-Erik Söderholm wrote:
> Den 2019-07-04 kl. 02:29, skrev Bill Gunshannon:
>> On 7/3/19 4:56 PM, Steven Schweda wrote:
>>>> I never understood this non-standard port thing. [...]
>>>
>>>     If you expose a server at port 22 for a while, and then
>>> switch it to a different (non-standard) port, then I predict
>>> that you'll see the difference.
>>
>> You have misunderstood.  I know what it is I never understood why
>> it is.
>>
>>>
>>>> [...] The bad guys find it the first time they scan your
>>>> host [...]
>>>
>>>     Apparently not.  Or else, they only try the obvious ports,
>>> and don't actually scan them all.  I don't know; it's not my
>>> malware.
>>
>> Back in  my days of admining systems at a University I watched
>> these scans go on every day.  I had systems discovered within
>> minutes of being put on the Internet.
>>
>>>
>>>> [...] and people who might have a legitimate reason to
>>>> connect can't [...]
>>>
>>>     Anyone "who might have a legitimate reason to connect"
>>> would know the appropriate port number to use.  And adding
>>> "-p <different_port>" to a command is not a serious hardship.
>>>
>>>     Understand now?
>>
>> I had a friend who had network service from a company that
>> prohibited any servers.  He wanted a web server so people
>> could see his gaming activities.  The ISP expired DHCP several
>> times a month assigning new addresses.
> 
> Using a service like DynDNS you setup a host name and then your
> router will update DynDNS everytime it gets a new IP address
> from the ISP. There might be short outage while the global
> DNS system get updated.

Nice thought, but then that makes the existence of his banned
server public and the ISP can see it, too.
> 
>> He assigned different
>> port numbers to his web server at pretty much the same rate.
> 
> And why did he do that? Was the ports he used blocked by the ISP?

All privileged ports were blocked for residential DHCP addresses.

> 
>> How was anyone supposed to actually find this server?
> 
> Using the host name setup through DynDNS. Or any of the other
> supliers having the same "Dynamic DNS" service...

Except that doesn't advertise the port and it does advertise
an operation in violation of the ISP AUP.  It was only fixed
when the ISPs stopped caring.

bill

More information about the Info-vax mailing list