|
|
|
|
|
|
by ShaneWilton
3183 days ago
|
|
|
The benefit of port knocking is that it essentially gives you a channel to transmit a password over, without revealing the existence of the system that's being authenticated for. A traditional password, on the other hand, requires some sort of socket that leaks the presence of a listening server. Even if everybody were to use port knocking, knowing that fact doesn't give you any knowledge about whether a given IP hosts zero, one, or some arbitrary number of possibly vulnerable services. |
|
|