On 17 feb 2010, at 12.38, Peter Hessler wrote: > On 2010 Feb 17 (Wed) at 07:51:03 +0100 (+0100), Per-Olov Sjvholm wrote: > :Answer correctly or don't answer at all. > > It seems to me that people *did* answer correctly. But, their answer > was not what you wanted to hear. > > The answer: don't use port knocking, use a randomized url. > > https://example.com/64482a3717737695e4dd254a4d57da4f6c0795f3e811e8b12347625fb 285.rss > > Google, Apple, etc use this scheme for webcal access. I strongly doubt > your rss feed requires more privacy than people's private calendars. > > > -- > Beware of altruism. It is based on self-deception, the root of all > evil. >
I know what I am doing and it's a simple test. A production environment will for sure be more secured. As said. I _very_ much appreciate if people give their opinion _and_ an answer to the actual question if the person know how to do what I ask for. But what I don't like about it is that some just reply to tell it's done wrong, even though they don not know the context and the tradeoffs that have been made and why. Professional people could nicely tell their opinion and a hint to my question IF they have any clue. If they think I should have provided more info, they could say so I am a member of a few helicopter forums, some Dreambox HTPC forums (TuxBOX), a bunch of Linux forums (i.e many different kind of forums). Nowehere they hack at each other like they do at the OpenBSD lists. This is the only sad thing about OpenBSD, the mailinglist. Therefor I don't use it as much as before. A few of my developer friends share this sadness with me. You are right, Peter. My rss feed does not require more privacy (at this stage) than private google calendars. However there are a few problems with randomized urls that I simply want to spend time on later. This as I at this stage just want to sell in the idea with a test containing less important data and therefor use less work. A prod environment will be more secured to fulfill the security policies etc. Tnx to the people who contributed with something. This thread is closed for me now /Per-Olov -- GPG keyID: 5231C0C4 GPG fingerprint: B232 3E1A F5AB 5E10 7561 6739 766E D29D 5231 C0C4 GPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x766ED29D5231C0C4