Is port knocking still used? If not why?
If you don't know what port knocking is:
Comments
I use port knocking to open my SSH port.
Sure. Check any speakeasy!
I don't use it because I find it not required. And conceptually, it's still security through obscurity.
Non-standard SSH port, root login disabled, key-based authentication only.
Sure, which I do by default. I'd also lock down to a set IP etc - but it doesn't hurt to add another layer, no?
Sure, unless you eventually lock yourself out too
So you sneer at one form of security through obscurity and then recommend a different form...
He might be changing SSH port to decrease the amount of noise in his log files / performance impact. That's a reasonable reason to change the SSH port I'd say.
I agree and that's what I do, too. But he isn't talking about log noise:
That's in the context of improving security.
What about allowing only specific IPs in your firewall, using bastion hosts, ssh key authentication and general hardening practices? ;-)
Nothing inherently bad with security through obscurity. Security isn't about masturbatory sound-bites.
What? Security through obscurity in the exact next sentence?