From what I've read, portknocking is useless, worse than useless, really, since it induces an entirely unjustified sense of security. I will never use it.
Alexander Dalloz presented the cogent points:
I must say that I do not understand that argument. It would be same as saying: SSH is useless, because it's enryption of the transfered information induces a sense of security, while it does not protect against the usage of secure passwords. If you misinterpret portknocking claim to be the ultimate security solution you are on the wrong path. Nobody ever said something like that
Consider the arguments at
http://software.newsforge.com/software/04/08/02/1954253.shtml
, which presents the case better than I can, as well as hinting at alternatives.
