On Tue, 23 Jun 2009 22:37:12 +0200 Erik Norgaard <[email protected]> wrote:
> You're right, as long as port-knocking as a first pass authentication > scheme is not in wide spread use, then any attackers will not waste > time port-knocking. If ever port-knocking becomes common, attackers > will adapt and start knocking. It would be fairly straightforward to prevent that by having a combination of knocking ports and secret guard ports. When a guard port gets hit the sequence is broken, and the source IP gets blocked for a while. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
