[j-nsp] Changing SSH port on EX switches, M routers

Chris Kawchuk juniperdude at gmail.com
Sun Apr 3 17:09:17 EDT 2011


Agreed.

A proper [firewall family inet] restricting ssh access with a packet filter is a far better solution.

I assume that lo0.0 loopback filters finally work on an EX-series as of 10.4 (I think I saw that in the release notes for 10.4R3x).

- Chris.


On 2011-04-04, at 7:02 AM, Stefan Fouant wrote:

> I'm surprised by how many people on this list still think that 'Security
> through Obscurity' is an effective means of securing devices.  Nmap or any
> other suitable scanner could isolate the SSH port in relatively no time at
> all.




More information about the juniper-nsp mailing list