merits of portknocking (was: More SSH 'trolling')

Scot L. Harris webid at cfl.rr.com
Fri Oct 15 02:27:37 UTC 2004


On Thu, 2004-10-14 at 21:46, Lew Bloch wrote:

> Consider the arguments at
> http://software.newsforge.com/software/04/08/02/1954253.shtml
> , which presents the case better than I can, as well as hinting at 
> alternatives.

Have read that previously.  I understand his arguments but still believe
port knocking has some merit.  Consider that only a small percentage of
hackers out there really have the skills to execute a successful attack
on a system using port knocking.  And of those, fewer still have access
to the intervening systems that would be needed to execute such an
attack.  

As I said in a previous message, adding port knocking to a system raises
the bar on hacking it to the point that a large percentage of hackers
will just bypass the system looking for easier prey.  Which ultimately
is what you want to have happen.

Face it, if someone with the skills, time, and money wanted to gain
access to your system they are going to do it.  And most likely it would
not be by some network hack but, as the author of the article argued,
via social engineering or some other method.  


-- 
Scot L. Harris
webid at cfl.rr.com

Humility is the first of the virtues -- for other people.
		-- Oliver Wendell Holmes 



