On December 3, 2008, Steve wrote:
> Paul Hartman wrote:
> > I think using Dmitry's idea of rejecting the first 2 connections, but
> > then allowing it as normal on the third attempt would satisfy your
> > requirements for being on the normal port, allowing all IPs and
> > requiring no special setup on the client end (other than knowing they
> > have to retry twice).
>
> Erm - surely I either need to set up my client to port-knock... which is
> a faff I'd rather avoid... in order to use the technique.  
nope. just start connection. wait a minute. cancel. start another one. wait a 
minute. cancel. start new one - voila! :)

> While I recognise port knocking as a valuable strategy in some
> circumstances, it seems a very bad fit for my needs.

well. Nobody but you knows your requirements and specifics - we're just listing 
options. It's up to you to either take 'em or leave 'em ;)

-- 
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
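
The "drop the first two connections, allow the third" idea discussed above, modelled as an added example that is not part of the original message or anyone's actual firewall rules. The thread does not say how the server keeps count, so the per-source counter, the 300-second window, the reset after an accepted connection and the names AttemptGate and replay are all assumptions.

```python
# Added illustration: a model of "drop the first two attempts, accept the third".
# WINDOW_SECONDS, AttemptGate and replay are assumptions, not from the thread.
from dataclasses import dataclass, field

REQUIRED_ATTEMPTS = 3   # the third attempt is let through, as described in the thread
WINDOW_SECONDS = 300    # assumed: all attempts must fall within this window


@dataclass
class AttemptGate:
    required: int = REQUIRED_ATTEMPTS
    window: float = WINDOW_SECONDS
    _seen: dict = field(default_factory=dict)  # source IP -> recent attempt times

    def on_connect(self, src_ip: str, now: float) -> str:
        """Return 'DROP' or 'ACCEPT' for a new connection attempt."""
        # Forget attempts that have aged out of the window.
        recent = [t for t in self._seen.get(src_ip, []) if now - t <= self.window]
        recent.append(now)
        if len(recent) >= self.required:
            # Enough attempts seen: accept and reset, so the next session
            # has to repeat the sequence (assumed policy).
            self._seen.pop(src_ip, None)
            return "ACCEPT"
        self._seen[src_ip] = recent
        return "DROP"


def replay(events, gate=None):
    """Feed (time, ip) tuples through one gate; return the list of verdicts."""
    gate = gate or AttemptGate()
    return [gate.on_connect(ip, t) for t, ip in events]


# Constructed sample traffic (documentation addresses, times in seconds).
PATIENT_CLIENT = [(0, "192.0.2.10"), (60, "192.0.2.10"), (120, "192.0.2.10")]
ONE_SHOT_SCANNER = [(0, "198.51.100.7"), (1000, "198.51.100.7"), (2000, "198.51.100.7")]

if __name__ == "__main__":
    print(replay(PATIENT_CLIENT))
    print(replay(ONE_SHOT_SCANNER))
```

The model only filters sources that give up after one or two attempts; anything that retries inside the window is accepted, so authentication on the service still has to stand on its own.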
