On Thu, 2004-10-14 at 21:46, Lew Bloch wrote: > Consider the arguments at > http://software.newsforge.com/software/04/08/02/1954253.shtml > , which presents the case better than I can, as well as hinting at > alternatives. Have read that previously. I understand his arguments but still believe port knocking has some merit. Consider that only a small percentage of hackers out there really have the skills to execute a successful attack on a system using port knocking. And of those, fewer still have access to the intervening systems that would be needed to execute such an attack. As I said in a previous message adding port knocking to a system raises the bar on hacking it to the point that a large percentage of hackers will just bypass the system looking for easier prey. Which ultimately is what you want to have happen. Face it, if someone with the skills, time, and money wanted to gain access to your system they are going to do it. And most likely it would not be by some network hack but, as the author of the article argued, via social engineering or some other method. -- Scot L. Harris webid@xxxxxxxxxx Humility is the first of the virtues -- for other people. -- Oliver Wendell Holmes
