On 10/17/2013 07:13 PM, Michael Rash wrote: > Hello all, > > Here is a new blog post that sums up some of the things I've been > thinking about regarding port knocking and how SPA solves its > limitations: > > http://www.cipherdyne.org/blog/2013/10/port-knocking-why-you-should-give-it-another-look.html
Are you referring to this article? http://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html I read that and didn't get the arguments about not using port knocking. Seems like if you do all the proper ssh protections, notwithstanding having port-knocking, and then adding port-knocking, you have even less to worry about. I still check my logcheck emails for security related log messages, so I would hopefully see failed ssh attempts. Blair ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
