Date: Wed, 24 Jun 2009 14:36:13 +0100
From: RW <rwmaillists@googlemail.com>
To: freebsd-questions@freebsd.org
Subject: Re: Best practices for securing SSH server
Message-ID: <20090624143613.6a87a749@gumby.homeunix.com>
In-Reply-To: <4A413CF8.60901@locolomo.org>
References: <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com> <4A406D81.3010803@locolomo.org> <b6c05a470906230653i6ce647c1p415e769b63d9e169@mail.gmail.com> <4A4109DE.3050000@locolomo.org> <b6c05a470906231311q48a56fddk77b456dc29695ed3@mail.gmail.com> <4A413CF8.60901@locolomo.org>

On Tue, 23 Jun 2009 22:37:12 +0200
Erik Norgaard <norgaard@locolomo.org> wrote:

> You're right, as long as port-knocking as a first pass authentication
> scheme is not in widespread use, then any attackers will not waste
> time port-knocking. If ever port-knocking becomes common, attackers
> will adapt and start knocking.

It would be fairly straightforward to prevent that by having a
combination of knocking ports and secret guard ports. When a guard port
gets hit the sequence is broken, and the source IP gets blocked for a
while.
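
The guard-port scheme described in the message above, sketched as a per-source state machine. This is an added example, not part of the original message or of any FreeBSD tool; the port numbers, timeouts, addresses and the names `KnockTracker` and `replay` are all assumptions made for illustration.

```python
# Added illustration; ports, timings and names are constructed, not from the thread.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # secret knock order (assumed)
GUARD_PORTS = {7500, 8500}           # secret guard ports (assumed)
BLOCK_SECONDS = 300                  # "blocked for a while" (assumed)
KNOCK_TIMEOUT = 10                   # max gap between knocks, seconds (assumed)


class KnockTracker:
    def __init__(self):
        self.progress = {}       # ip -> (next knock index, time of last knock)
        self.blocked_until = {}  # ip -> time the block expires
        self.allowed = set()     # ips that completed the sequence

    def observe(self, ip, port, now):
        """Process one connection attempt and return the resulting state."""
        if self.blocked_until.get(ip, 0) > now:
            return "blocked"
        if port in GUARD_PORTS:
            # Guard hit: break the sequence and block the source for a while.
            self.progress.pop(ip, None)
            self.blocked_until[ip] = now + BLOCK_SECONDS
            return "blocked"
        idx, last = self.progress.pop(ip, (0, now))
        if now - last > KNOCK_TIMEOUT:
            idx = 0  # stale partial sequence
        if port != KNOCK_SEQUENCE[idx]:
            idx = 0  # wrong port restarts the sequence
            if port != KNOCK_SEQUENCE[0]:
                return "reset"
        if idx + 1 == len(KNOCK_SEQUENCE):
            self.allowed.add(ip)
            return "open"
        self.progress[ip] = (idx + 1, now)
        return "progress"


def replay(events):
    """Run constructed (ip, port, time) events through a fresh tracker."""
    tracker = KnockTracker()
    return [tracker.observe(ip, port, t) for ip, port, t in events], tracker


# Constructed sample: a client that knows the sequence, and a sequential sweep.
CLIENT = [("192.0.2.10", p, t) for t, p in enumerate((7000, 8000, 9000))]
SWEEP = [("198.51.100.7", p, t) for t, p in enumerate(range(7000, 9001, 500))]
```

In the constructed sweep, the source touches the knock ports in the right order but hits a guard port in between, so it is blocked before the sequence can complete.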