On Tue, 23 Jun 2009 22:37:12 +0200 Erik Norgaard <norga...@locolomo.org> wrote:
> You're right, as long as port-knocking as a first pass authentication > scheme is not in wide spread use, then any attackers will not waste > time port-knocking. If ever port-knocking becomes common, attackers > will adapt and start knocking. It would be fairly straightforward to prevent that by having a combination of knocking ports and secret guard ports. When a guard port gets hit the sequence is broken, and the source IP gets blocked for a while. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"