This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new!


Posted by: Serge Wroclawski on August 10, 2004 06:58 PM
You mean *besides* the one he already presented?

Another solution to what people would use port knocking for would be VPN.

Your first barrier to authentication would be VPN access to a special subnet, then SSH would be allowed from that subnet.

Port knocking is a bad idea. It's simple, replayable, and worst of all, it makes the system more vulnerable to DOSes.


Return to A critique of port knocking