- About Us
Why? The attacker would need to see your network traffic to be able to make any kind of guess as to the port-knocking sequence, even if you use a fixed one with only handful of knocks. If even a thousand people have seen you knock on your computer, it's a reduction by a factor of a million or so, and the port knocking will have done its job well enough.
I agree with you that one has to be careful with security through obscurity, but it certainly can be used to reduce the number of possible attackers. We buy locks for our doors not because they're impossible to pick (or circumvent), but because they reduce the number of people who could do so, and the chance that they could do so undisturbed.
That said, I can't see myself playing with this 'port knocking'; it's all too likely to get stuck in firewalls or just be too hard to activate from someone else's computer.
Return to A critique of port knocking