Thanks for all the input! First I should say I didn't mean to add this to Manuel's "to-do list"...he's busy enough. I just thought the idea was interesting and thought discussion might be appropriate should this method ever become viable in the network world. I manage a few networks remotely and the advantage I see to Port Knocking is the ability to cloak the network from script-kiddies and such. I have nightmares that I missed a patch for SSH or TS every time I see a portscan in the firewall logs. I realize port knocking is susceptible to sniffing and man-in-the-middle attacks but wouldn't this only be pertinent from an insecure network or a compromised border router? I've also heard the arguments in the "obscurity isn't security" debate but I'm of a mind that any layer you can add to protect your resources (as long as you can live with the complexity it adds) is good. Overall I like the idea of PK but think the implementation needs more brainstorming and maturity.