Best practices for securing SSH server
RW
rwmaillists at googlemail.com
Wed Jun 24 13:36:31 UTC 2009
On Tue, 23 Jun 2009 22:37:12 +0200
Erik Norgaard <norgaard at locolomo.org> wrote:
> You're right, as long as port-knocking as a first pass authentication
> scheme is not in widespread use, then any attackers will not waste
> time port-knocking. If ever port-knocking becomes common, attackers
> will adapt and start knocking.
It would be fairly straightforward to prevent that by having a
combination of knocking ports and secret guard ports. When a guard port
gets hit the sequence is broken, and the source IP gets blocked for a
while.
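A small simulation of the guard-port scheme described in the message above, added here as an illustration and not part of the original post. The port numbers, timeouts and the `KnockTracker` and `replay` names are assumptions made for the example.

```python
# Constructed values for illustration; a real deployment keeps these secret.
KNOCK_SEQUENCE = (7000, 8000, 9000)
GUARD_PORTS = frozenset({7500, 8500})

class KnockTracker:
    """Per-source knock state with guard ports (hypothetical helper)."""

    def __init__(self, sequence=KNOCK_SEQUENCE, guards=GUARD_PORTS,
                 block_seconds=300, knock_timeout=10):
        self.sequence = tuple(sequence)
        self.guards = frozenset(guards)
        self.block_seconds = block_seconds
        self.knock_timeout = knock_timeout
        self.progress = {}       # ip -> (next index in sequence, time of last knock)
        self.blocked_until = {}  # ip -> time at which the block expires

    def packet(self, ip, port, now):
        """Process one connection attempt; return the resulting state."""
        if self.blocked_until.get(ip, 0) > now:
            return "blocked"                 # knocks are ignored while blocked
        self.blocked_until.pop(ip, None)
        if port in self.guards:              # guard hit: break sequence, block source
            self.progress.pop(ip, None)
            self.blocked_until[ip] = now + self.block_seconds
            return "blocked"
        idx, last = self.progress.get(ip, (0, now))
        if now - last > self.knock_timeout:  # stale partial sequence
            idx = 0
        if port != self.sequence[idx]:       # wrong port: start over
            idx = 0
            if port != self.sequence[0]:
                self.progress.pop(ip, None)
                return "reset"
        if idx + 1 == len(self.sequence):
            self.progress.pop(ip, None)
            return "open"                    # caller would now let ip reach sshd
        self.progress[ip] = (idx + 1, now)
        return "progress"

def replay(events, tracker=None):
    """Feed (ip, port, time) tuples through a tracker and collect the results."""
    tracker = tracker or KnockTracker()
    return [tracker.packet(ip, port, now) for ip, port, now in events]

# Constructed traffic: one client that knows the sequence, one sequential sweep.
SAMPLE = [("192.0.2.10", 7000, 0), ("192.0.2.10", 8000, 1), ("192.0.2.10", 9000, 2),
          ("198.51.100.7", 7000, 5), ("198.51.100.7", 7500, 6),
          ("198.51.100.7", 8000, 7), ("198.51.100.7", 9000, 8)]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The sweeping source trips guard port 7500 between two knock ports, so its later hits on 8000 and 9000 are ignored until the block expires.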
More information about the freebsd-questions mailing list