Contributed by jose on from the false-security dept.
I am intrigged by the port knocking idea. Although this is very much an obscurity layer, it seem to be a great way to force would-be intruder to make a lot of noise before finding what they look for. Forcing five or six port knocks before a connection would make it difficult for scanners to find running services without being easily detectable. What to OpenBSD folk think of it?
Port knocking has been used by malware for a while now, but I haven't seen a convincing argument for it in real security. Has anyone implemented this (for example using the pflog0 interface to retrieve packets) on OpenBSD?
(Comments are closed)