By: nodebox

nodebox — Mon, 14 Jan 2008 08:03:55 +0000

I do acknowledge that there is beauty (and simplicity) in security. But I really do believe in this as an obfuscation measure because there are no open ports by default.

Of course, this is a greatly simplified of many port knocking mechanisms present today. This is an unencrypted form of communication and is therefore susceptible to packet sniffing.

However, the more sophisticated forms of port knocking use long strings as a pseudo-authentication mechanism, which I do believe is more secure and can help to reduce the risk of exposure further.

By: frankchn

frankchn — Mon, 14 Jan 2008 06:59:03 +0000

I am also of the opinion that the less code that runs on a server the better (since there are less surfaces for attack), so I am quite dubious about this whole knockd thing.

Comments on: Guide to port knocking

By: nodebox

By: frankchn