Port knocking script/server for fedora?

[Andy Blanchard]

The most effective thing I've found for preventing SSH attacks is
simply to listen on a different port.  Yes, it's security by obscurity
so you should also deploy other counter measures, but if you choose
your non-standard port wisely you can avoid most, if not all, casual
attacks.  Some tips:

Avoid obvious alternatives like 222 and 2222.
Don't use a port that is used for another popular service (80 would be *bad*!)
Ideally use a port below 1,024 as these can only be bound to by
daemons started as root.

So far, I've had exactly *one* kiddie stumble across my home server's
SSH port on a scan in several years, and that was only because they
did a brute force scan of every port below 1024 and a large number of
selected high ports.  All to no avail as my IDS had already detected
the scan and denied the IP long before they reached any open ports.

-- 
Andy

The only person to have all his work done by Friday was Robinson Crusoe