On Sun, 03 Feb 2008 08:06:47 -0800 kashani <[EMAIL PROTECTED]> wrote:
> Grant wrote: > >> I don't know about large setups, where it might be very possible > >> that port knocking becomes a major PITA as you say. But I have > >> setup and used port knocking for remote ssh access lots of time in > >> the past, and never had a problem. This is just my little > >> experience, of course. > > > > OK, port knocking is going back on the todo list. > > I don't free as strongly as Alan, but I've never been overly > impressed with the idea of port knocking. Mostly because any > monitoring of services would be a total nightmare. And > troubleshooting it would suck. Is the service down? Is it the knock? > and so on. > > What I do like is openvpn. Script kiddies don't look for it > and I prefer to have full access to my home boxes rather than having > to mess with port forwarding. As far as complexity goes its easy to > setup in an afternoon and there are clients for Windows, OSX, Linux, > BSD, etc. > kashani Another openVPN vote from me. Makes deployment across geographically distinct network much easier, and good security too. -- gentoo-user@lists.gentoo.org mailing list
