I want to say “yes” but you should still try to change the default ports for any process open to the web. Just because they can’t guess your ssh, doesn’t mean they can’t upload a root php script to your webserver which allows file uploads.
Just be as invisible as possible. Run nmap on your localhost with the defaults and see if anything is set to open. If so, change that port.
So can this pretty much always be shut down by having sufficiently complex + long pw?
I want to say “yes” but you should still try to change the default ports for any process open to the web. Just because they can’t guess your ssh, doesn’t mean they can’t upload a root php script to your webserver which allows file uploads.
Just be as invisible as possible. Run
nmap
on your localhost with the defaults and see if anything is set to open. If so, change that port.What about Stealth mode
What is stealth mode?
On Mac its part of security/firewall settings or sumfing
Ah okay. I have no clue about macs. I guess the equivalent in Linux would be OpenSnitch