Highly susceptible to replay and man in the middle attacks.
fwknop isn't susceptible to either.
Comment on Any feedback from port knockers ?
tinsuke@lemmy.world 1 year ago
Sounds like security through obscurity to me.
Highly susceptible to replay and man in the middle attacks.
If you’re gonna combine that with another authentication method (and you should), then I see little advantage over just going with the other auth method.
486@kbin.social 1 year ago
aksdb@feddit.de 1 year ago
Sure? It certainly detracts bots that now don’t discover the SSH port anymore. Against a targeted attack it’s less useful, but that is a very hard problem in any case. If someone is out to get you specifically, it will be a tough battle.
zaphod@lemmy.ca 1 year ago
If you’re worried about bots just use a non-standard port and move on. I did that on my own VPS just to cut down on log chatter and I get absolutely zero ssh attack attempts after the change.