On Mon, Jun 25, 2007 at 10:48:20AM -0700, John N. Brahy wrote: > I know when it comes down to it, it's only hiding ports and not actually > securing anything.
There, you've hit the nail on the head. But it's worse. Go find some people using port knocking - you probably know some. Ask them if they can shut if off for a month. I bet a good portion will say "No! I have sshd from 2002 on there! No way!" So while port knocking doesn't add (much) insecurity itself (apart from a chance of having an exploit in the knocker), it certainly *seems* to have a high correlation with unsecured systems. Anecdotal, but there it is. -- Darrin Chandler | Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation