[codexon]

> - Move sshd to a non standard port to avoid the nmap/bot noise.

There are scanners like shodan that will scan every single port you have now so moving it to a non-standard port doesn't stop all the attackers.

[LinuxBender]

Shodan scans a handful of common ports [1] but you are right, a targeted attack will not be stopped by moving ports. Along the lines of what jms703 mentioned, moving ports just removes the noise from the bots so you can have better alerting on real attacks and not suffer from alert fatigue.

[1] - https://en.wikipedia.org/wiki/Shodan_(website)

[jms703]

The parent post didn’t say to do this to stop attackers. They said to do this to reduce alerts in the logs.