
Port knocking solves the "bear problem"

Posted by: Anonymous Coward on September 17, 2004 12:32 AM
The point the author seems to have difficulty presenting clearly is that a determined attacker that wants to specifically break into YOUR system will find no obstructions presented by port knocking that can't be overcome.

But the point he is deliberately missing is that port knocking is an added, effective defense against being randomly targeted by worms, hackers and/or automated scripts. It does add a certain level of security, since so many attacks come from that route.

Both points are valid, and both points have their place. I personally think that since port knocking adds "some" value, it's worth the effort.

* "The bear problem" is when you're hiking in the woods and start getting chased by a bear, you don't have to be able to outrun the bear. You just have to be able to outrun at least one of the guys you're with. The moral is if you make yourself a more difficult target, the attackers will move on to easier pickings.


Return to A critique of port knocking