by justinsaccount 3662 days ago
> I can copy your knock and get access,

You can? How? I just logged into a server using port knocking. What was my knocking sequence? What do you have access to?

> I can deny you service by messing up your knocks by sending packets with a fake IP

Ok, I'm ready when you are.

> insanely inefficient in the amount of data and time spent vs the amount of information exchanged

I don't even know what this means. How is a few extra packets at the start of a TCP connection "insanely inefficient"?

2 comments

Who cares? Serious attackers have access to the actual TCP connection you make to sshd. If there's a preauth vulnerability in sshd, they'll just use that to deliver the payload.

Port knocking is silly. If you're scared of preauth sshd zero-day, deploy an encrypted tunnel.

How big a percentage of attackers have access to the TCP connection and can do a MITM attack?
Serious attackers have physical access
1. No.

2. What's your point?

Now you are being intentionally obtuse. Bye.