Best practices for securing SSH server
djuatdelta at gmail.com
Wed Jun 24 14:43:22 UTC 2009
> Point remains: Adding port knocking does not solve any security problem, it only adds
> complexity, cost, points of failure, inconvenience etc while making your problem appear
> differently and leaving you with the illusion of being more secure.
I think that's grossly overstated, if not just plain wrong. Ceteris
paribus, a system with port knocking is almost certainly more secure
than a system without port knocking. It's not a guarantee against
penetration. But even if it's only a heightened "degreee" of security
not an additional "kind" of security measure (as you argue), it's
still heightened security.
More information about the freebsd-questions