[Discuss] port-knocking
Rich Pieri
richard.pieri at gmail.com
Wed Mar 27 20:23:41 EDT 2013
--On Wednesday, March 27, 2013 6:48 PM -0400 Tom Metro
<tmetro+blu at gmail.com> wrote:
> While I can imagine some implementations of port knocking, where failed
> knock sequences shut down a service, there are certainly other
> implementations where that is not the case.
That's precisely what I mean. Combine port knocking, automatic IP block,
and IP address spoofing and you have a very easy denial of service. I am
aware that there are workarounds to this, but if you have to work around a
basic function of your security system then you're using the wrong security
tool.
--
Rich P.
More information about the Discuss
mailing list