Originally Posted by
mixture
Still security by obscurity is still not a concept worth promoting though. Just setup the services properly on the standard ports.
For example, I run a number of SSH services set up on the standard port 22.
But they are correctly setup with public key authentication, so I don't care about port scans because I know they'll be dropped by SSH if they try to connect. The logs are also easily filtered out.
The other problem with non-standard ports is you can easily run into filtering issues... WiFi hotspots for example might only allow a subset of common ports.
But then you knew all that already.....
Of course, but it's still a good technique to deploy irrespective of the security aspects. I learnt this when trying to tackle VoIP QoS issues and noticed port-scan frequencies of known ports giving rise to a DoS scenario.
Besides, a home network arguably has far fewer reasons to keep someone out as most of the time there's simply nothing there to get into.