If you're monitoring your logs that does make sense. My issue are corporate policies that say "port 22 = bad" but don't monitor the logs either. I don't see what those are defending against.
I also disagree with the general statement of the blog post that changing the SSH port is like hiding your tanks. The discrepancy between armor and camouflage vs. cryptography and port numbers is many orders of magnitude. A better explanation than that is needed in my opinion.
I also disagree with the general statement of the blog post that changing the SSH port is like hiding your tanks. The discrepancy between armor and camouflage vs. cryptography and port numbers is many orders of magnitude. A better explanation than that is needed in my opinion.