- About Us
But the point he is deliberately missing is that port knocking is an added, effective defense against being randomly targeted by worms, hackers and/or automated scripts. It does add a certain level of security, since so many attacks come from that route.
Both points are valid, and both points have their place. I personally think that since port knocking adds "some" value, that it's worth the effort.
* "The bear problem" is when you're hiking in the woods and start getting chased by a bear, you don't have to be able to outrun the bear. You just have to be able to outrun at least one of the guys you're with. The moral is if you make yourself a more difficult target, the attackers will move on to easier pickings.
Return to A critique of port knocking