“They want to deliver vast amounts of information over the internet. And again, the internet is not something you just dump something on. It’s not a truck. It’s a series of tubes.” – Senator Ted Stevens.
When Senator Ted Stevens gave that quote during a debate on Net Neutrality in 2006, it became an internet sensation. Memes have been made on it, and it has a Wikipedia page.
As ridiculous as it may sound, that’s how networks work. It’s a series of tubes we can’t see connecting devices and servers.
We focus on understanding what these tubes are and how they connect to our focus of discussion, the Secure Shell Protocol.
Before diving into the SSH port number, we must define a couple of terminologies.
Port: You may be tempted to think ports are physical connections that join two devices.
Ports are actually a logical connection that programs and services use to exchange information. You can’t see them, but they’re responsible for the web pages and email messages you see.
Ports have numbers ranging from 0-65535. More common examples are
Ports have IP addresses attached to them. The IP address is for identification purposes. It helps in locating the server you want to use.
The IP address of Google, for example, is 126.96.36.199. So, when you enter the domain name of Google on a web browser, the IP address is what is located alongside port number 80. The port number “80” shows you’re trying to access the webpage.
So, the tube that connects your device to the Google server is 188.8.131.52:80. This is what your device works with to bring the Google website to you.
One of the skills needed to use these ports is command-line knowledge. If you don’t have such a skill set, don’t worry, it’s pretty easy to understand.
Telnet: In the 1960s, people could access and manipulate servers remotely through a protocol called “Telnet.”
During the 1960s, no mobile devices or sophisticated computers were available for public use. Telnet is a set of commands that help you communicate with other computers.
The problem was that it needed to be more secure. Anyone could intercept your information. Therefore, the information wasn’t safe. For the security of information, SSH was invented.
It is an acronym for Secure Shell. It’s a protocol that helps you access a server over the public internet in a secure way.
So, you don’t have to worry about your information being monitored or hacked when you use SSH.
SSH creates a cryptographic password and public authentication key for your data before sending it to a server. It’s always encrypted before being sent through the public network.
SSH was first designed in 1995 by Tatu Ylönen. He was a researcher at the Helsinki University of Technology. He later started SSH Communications Security, located in Finland, specializing in cybersecurity.
The first version of SSH, SSH-1, had various flaws that required an updated version, SSH-2, to be created. Today, SSH-1 is rarely in use.
SSH-2 is the current version of the Secure Shell protocols. It has been adopted by the Internet Engineering Task Force (IETF) as a Standards Track specification since 2006.
There have been no reports of security vulnerabilities in SSH-2, although there are reports that the National Security Agency (NSA) can decrypt some SSH traffic. This information came from a leak by Edward Snowden in 2013.
Telnet usually transfers your username and password through the public network as plain text. This leaves your private information open to malicious third parties on the internet. SSH encrypts your data before it leaves your local computer. So, your login session is encrypted as it transfers from client to server.
When you want to transfer files between two accounts, SSH helps you encrypt your file. It does this through the single Secure Copy command, which automatically encrypts the file as it leaves your account and decrypts it as it enters the receiver’s account.
Having multiple accounts on multiple computers can be a security risk. It is very tedious to memorize multiple usernames and passwords. It’s possible to mistakenly type your password into the username field, leaking your password to the public. SSH helps you avoid this by providing keys together with an authentication agent. The agent helps you authenticate to all your accounts without memorizing multiple passwords and usernames.
SSH also allows you to control how much access others have to your account. For example, you can set up restricted access to your account. You can set up read-only access for people who want to access your account, without revealing your password. You can also give editing rights to trusted people. In short, you decide how much control others have over your account, and you can do it remotely.
In simple terms, SSH works with public key pairs. This is also called asymmetric cryptography, and it helps a host and a server authenticate each other.
Imagine that you want to send information to a neighboring server. What SSH does is assign a key to the data sent. The data transfers to the neighboring server and assigns a public key to it too. The data is sent back to you, and your key is removed and sent back to the neighboring server, which removes the key and accesses the data.
The advantage of this protocol is that your information is encrypted throughout transit through the internet. Therefore, any information sent through the protocol is secure from third parties. Your password details are safe.
To make a connection to a remote host, you can easily use the SSH command below;
The client will connect to the server [server.example.com] using the user ID [UserName]. Public key pairs are more typically used to authenticate hosts to one another than a traditional user ID and password, even though both can be used to access SSH.
When we work on the SSH protocol, three steps are often noted;
The default SSH port number is 22. It is a common trend amongst client users to open up the port for the public internet. Such actions imply that the ports are a target for malicious hackers to steal information and use it for nefarious purposes.
Because of such risks, changing the port number from the default is advisable. It would help protect SSH passwords against brute-force attacks that target the default port.
There are certain things to take note of before changing the default SSH port:
Below are the steps to changing the default port number:
Step 1: Back up the configuration file with this command;
$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
Step 2: Now, a copy of the file has been created in the same directory. The default SSH port is to be changed. Access the sshd_config file through this command;
You can perform this command in any editor.
Step 3: The command causes the file to open in a text editor. The line of code needed is;
Step 4: Change the port number to any random 4- or 5-digit value between 1024 and 65535. We’ll be using 2434 in this example. Delete the # sign and replace 22 with the desired number. It should look like this;
Step 5: Add this port to your firewall’s whitelist. After that, restart SSH. Write this command for the restart to take effect;
$ sudo service ssh restart
The command differs slightly on CentOS or Fedora;
$ sudo service sshd restart
Step 6: Try using the new SSH port number in a new terminal window while remaining logged in as root. Verify your settings if the login doesn’t work. Do not end your open root session until you can log in with the updated setup.
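Steps 1 to 4 as one shell function, added here as an example and not taken from the original article: `set_ssh_port` (a hypothetical helper name) checks the 1024-65535 range, writes the `sshd_config_backup` copy and leaves exactly one `Port` line. It goes slightly beyond the steps by also handling a file whose `Port` directive is already uncommented or missing.

```shell
#!/bin/sh
# Added example: Steps 1-4 applied to an sshd_config-style file.
# set_ssh_port is a hypothetical helper name, not an OpenSSH tool.
# usage: set_ssh_port /etc/ssh/sshd_config 2434

set_ssh_port() {
    config=$1
    port=$2

    # Accept only a plain decimal number in the Step 4 range.
    case $port in
        ''|*[!0-9]*) echo "port must be numeric" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
        echo "port must be between 1024 and 65535" >&2
        return 2
    fi
    [ -f "$config" ] || { echo "no such file: $config" >&2; return 1; }

    # Step 1: backup beside the original, keeping mode and timestamps.
    cp -p "$config" "${config}_backup" || return 1

    # Steps 3-4: the file is read twice. Pass 1 records whether a live
    # Port directive or the commented "#Port" default exists; pass 2
    # rewrites it. Extra live Port lines are dropped so that sshd does
    # not keep listening on the old port as well.
    tmp=$(mktemp) || return 1
    awk -v port="$port" '
        { key = tolower($1) }
        NR == FNR { if (key == "port") live = 1
                    if (key == "#port") commented = 1
                    next }
        FNR == 1 && !live && !commented { print "Port " port; done = 1 }
        key == "port" { if (!done) print "Port " port; done = 1; next }
        key == "#port" && !live && !done { print "Port " port; done = 1; next }
        { print }
        END { if (!done) print "Port " port }
    ' "$config" "$config" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Write through the existing file so its owner and mode stay as they were.
    cat "$tmp" > "$config"
    status=$?
    rm -f "$tmp"
    return "$status"
}
```

Before the restart in Step 5, `sudo sshd -t` checks the edited file for errors without touching the running service.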
Internet pioneers created protocols to bridge the gap between servers and the users communicating with them. A couple started appearing in the 1960s, but SSH, an acronym for Secure Shell or Secure Socket Shell, has been the pinnacle of network security for users. SSH-2 is the best, and its default port number is 22. Because of the vulnerabilities that come with using the default port number, it is advisable to change it. This protocol adds an extra layer of security to your client-to-server connections, freeing you from worries of cyber-crimes.