Alert!! -- PortKnocking
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Fri Sep 17 08:45:08 UTC 2004
Am Fr, den 17.09.2004 schrieb Nifty Hat Mitch um 7:07:
> > moment this is enough to stop the scripts. When they begin to really
> > scan for the ports with SSH behind I will activate portknocking. Not
> > because I have insecure passwords in use or do not keep both eyes on
> > necessary security updates, but because I do not like to have to go each
> > day to hundreds of log file lines caused by wannabee intruders.
>
> This sounds like a valid use of port knocking.
> In and of itself port knocking should be understood.
Especially if you decide to protect SSH by it on a remote server! Easy
to imagine how fast you exclude yourself from a remote host if doing it
wrong ;)
> This is an interesting critique of it.
> http://software.newsforge.com/software/04/08/02/1954253.shtml
Thanks for the link. I already did read some papers, but that one is
new.
> T o m M i t c h e l l
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 10:42:20 up 18 days, 7:59, load average: 0.69, 0.38, 0.38
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040917/0cbb87bd/attachment-0002.bin
More information about the users
mailing list