[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: merits of portknocking (was: More SSH 'trolling')



On Thu, 2004-10-14 at 21:46, Lew Bloch wrote:

> Consider the arguments at
> http://software.newsforge.com/software/04/08/02/1954253.shtml
> , which presents the case better than I can, as well as hinting at 
> alternatives.

Have read that previously.  I understand his arguments but still believe
port knocking has some merit.  Consider that only a small percentage of
hackers out there really have the skills to execute a successful attack
on a system using port knocking.  And of those, fewer still have access
to the intervening systems that would be needed to execute such an
attack.  

As I said in a previous message adding port knocking to a system raises
the bar on hacking it to the point that a large percentage of hackers
will just bypass the system looking for easier prey.  Which ultimately
is what you want to have happen.

Face it, if someone with the skills, time, and money wanted to gain
access to your system they are going to do it.  And most likely it would
not be by some network hack but, as the author of the article argued,
via social engineering or some other method.  


-- 
Scot L. Harris
webid cfl rr com

Humility is the first of the virtues -- for other people.
		-- Oliver Wendell Holmes 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]