1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Change PTPP Server port

Discussion in 'Tomato Firmware' started by Joenathan, Feb 19, 2014.

  1. Joenathan

    Joenathan Reformed Router Member

    Hello I did a bit of searching and can't find the answer, I'm running the latest Shibby build and I'm looking to change the default PTPP server port to add a bit of security, anyone know how?

    In my experience using the default ports usually leads to bots trying to brute force their way in.
  2. koitsu

    koitsu Network Guru Member

    What makes you think changing the port number is providing any sort of security? It is common on the Internet these days for people to port scan a system (port numbers ranging 1-65535), since the port scanning can be distributed across a series of compromised computers; think DDoS but with port scanning ("distributed port scanning").

    That said, your feature request is a legitimate one and I do think it'd be a reasonable thing to implement. I just don't want people lulled into thinking changing of a port number increases security of anything. If you're worried about the security aspect, then use iptables to limit what source IPs or source IP blocks are permitted to talk to TCP port 1723. That's security.
    Joenathan likes this.
  3. Joenathan

    Joenathan Reformed Router Member

    Thanks for the reply, I tend to agree that security through obscurity is no security at all, but in recent experience with VNC and RDP in particular I went from seeing constant attempts to brute force in on the default port, to zero attempts on a non default port.

    I've grown to think security through obscurity adds another layer of protection, it'll keep a certain percentage of the "fishers" out.

    My plans now are to close all outside access and only allow VPN access through to get to network resources.

    As you suggest I will implement IP blocks, that may be all that is needed, but then again a 'little' extra security couldn't hurt to add.
  4. Joenathan

    Joenathan Reformed Router Member

Share This Page