>>>>> "Tim" == Tim <[email protected]> writes:
Tim> What is the difference between sending a secret series of ports Tim> numbers to a host versus sending a secret IP address? None. It is Tim> the same level of obscurity. And neither should be used. Instead, harden your sshd. Simple. Effective. Having said that, I don't run sshd on port 22, and have not seen *any* scanner hit my sshd in months, even though I was getting routine (daily or hourly) attacks on 22. In other words, you don't need port knocking. Just be slighly uncommon, and you're good to go. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[email protected]> <URL:http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
