Posted by: Anonymous Coward
on August 11, 2004 06:28 PM
Well, yes, 1/10th probability = 10% probability, but there's no logical connection between the figures.
If 10% of all servers are running a port knocking implementation, how does that imply that attacking an arbitrary machine (and assuming that it is in fact running port knocking) has one-tenth probability of the chance of succeeding against a machine known not to be using port knocking - unless you assume that the fact port knocking is being used has absolutely no effect on the probability of the attack being successful?
(And if that were the case, wouldn't the better argument just be that: "port knocking has no effect on the probability of an attack being successful).
Anyway, what sort of idiot attacker would *assume* that the target machine was using port knocking if only 10% machines were using it? You'd have much more success assuming that port knocking *wasn't* beign used...