[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More SSH 'trolling'



On Thu, 2004-10-14 at 21:25 +0200, Alexander Dalloz wrote:
> I must say that I do not understand that argument. It would be same as
> saying: SSH is useless, because it's enryption of the transfered
> information induces a sense of security, while it does not protect
> against the usage of secure passwords.

That is not an accurate or fair comparison (even though I know you meant
"insecure" passwords). SSH's encryption does protect effectively against
anyone sniffing your password, and they will have to attempt a
dictionary or social-engineering attack to get it... but SSH itself is
not easily or trivially defeated.

Portknocking can be sniffed, analyzed, and defeated by someone with
access to the wire, making it a trivially-defeatable measure for *some*
attackers. This is a far cry from SSH, but it's also a far cry from
"useless" since most attackers worldwide do not have the ability to
sniff your wire for the right packets.

IMHO: Portknocking is a useful addition to my "defense in depth"
strategy, providing a small additional measure of marginal protection to
my system. Of course, it is not a replacement or substitute for any
standard security measures... it should be additional. And it *can* lure
naÃve users into a false sense of security; but so can many other
things.

Cheers,

-- 
Rodolfo J. Paiz <rpaiz simpaticus com>

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]