On Sunday 22 October 2006 22:41, you wrote: > this isn't correct. Every service had some security problems in the > past. Imagin that your service X is vulnerable (only since a few h > by a zero day exploit or so) and someone tries to exploit it at 2:00 in > the morning. Good thing there cant be any bugs in the port knocking program, right?
> if you only need the service for administration, you could do such a > "hiding" of the service. you only would need to open the port by the > portknocking service a few min while you use it to do some administration. Yeah, because running SSH and only allowing pubkey authentication or s/key surely isn't a better solution... Of course, thats only with SSH but I'm yet to see any other use for port knocking than "protecting" SSH. --- Lars Hansson
