> A port-knocking sequence is really nothing different than a shared password.

Technically and conceptually, that's true.  But "practically", I'm not
sure you're right.  If in addition to attempting to enumerate the
space of possible passwords, an attacker also enumerates the space of
possible port-knocking sequences, then, yes, you're right.  But I am
willing to bet that the vast majority of attackers DO NOT attempt
this.  For this reason, I think well-designed port-knocking DOES add
significant strength to the server.

If I'm misunderstanding port-knocking, please jump in and correct me...
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to