[Zenst]

I've used it before, though this article seems to be fixated upon a fixed port sequence and fairly compares that to a password layer that is futile as between you and the server your knocking many people can see and know that sequence, making it moot.

Which I agree with. But if you use a port sewquence derived from a S/KEY, then each port knock sequence is a one time sequence never to be repeated.

It is a simple and dirty level of security using the much hated obscurity approach, but by varying the ports via a aranged S/KEY sequence you can move it up a whole level. S/KEY easy to do and worked well on old old old nokia over 10 years ago as a little simple java app. Just using it to derive a port sequence instead of a one time password.