More SSH 'trolling'
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Thu Oct 14 19:25:51 UTC 2004
Am Do, den 14.10.2004 schrieb Lew Bloch um 21:15:
> > If the IPs are dynamically assigned, such an attempt is
> > pointless. What you can do is to use portknocking. This has been
> > suggested and discussed controversial recently here on the list.
>
> Controversial is correct. From what I've read, portknocking is useless,
> worse than useless, really, since it induces an entirely unjustified
> sense of security. I will never use it.
I must say that I do not understand that argument. It would be same as
saying: SSH is useless, because it's enryption of the transfered
information induces a sense of security, while it does not protect
against the usage of secure passwords. If you misinterpret portknocking
claim to be the ultimate security solution you are on the wrong path.
Nobody ever said something like that
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 21:20:14 up 16:31, 17 users, 0.48, 0.26, 0.25
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041014/fd08c369/attachment-0001.sig>
More information about the fedora-list
mailing list