Port Knocking with knockd and Linux - Server Hardening
Port Knocking with knockd and Linux - Server Hardening
Port knocking is like a secret handshake or magic word between client and server. It can be used in various ways, but most commonly as a security feature to deny all contact to a specific service - li
I've created a new article about Port Knocking in preparation of my rework of the SSH Hardening guide.
I'd like to hear your opinion about port knocking.
You're viewing a single thread.
It's certainly a good way to hide a service from family/friends/flatmates but cannot be relied on for security on its own. Especially for SSH I see no real security benefit for it over just public key authentication, and the stated added complexity just makes it impractical in most cases.
I really cannot see a scenario (risk management-wise) where it is more than just a thing you set up for fun.
public key authentication ... is king.
I agree that port knocking won't replace any other hardening method, but I thought I'd look into it since it gets recommended so often. Not a big fan either.