Hacker News
by Sami_Lehtinen 4638 days ago
I personally see port knocking with a cryptographic payload as just one tool in layered security. I'm still wondering why people bother with horrible VPN/IPsec junk with annoying clients. I've got something like 10 different clients installed. It shouldn't be required at all, if systems and protocols are already secure. You can use something like a TOTP key as the payload to open ports up, or something more complex/secure if you want.

AFAIK, passwords aren't a bad option either. You should consider a password as a shared secret blob, not as a password. It's as unlikely that someone is going to guess a 256-bit password as it is that they guess any other 256-bit secret.
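
The TOTP-as-knock-payload idea from the comment above, as an added example that is not the commenter's code: a listener-side check that accepts an RFC 6238 code derived from the shared secret and refuses a replayed one. The `KnockVerifier` class, the 8-digit code length and the one-step skew window are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30     # TOTP time step in seconds (RFC 6238 default)
DIGITS = 8    # code length; an assumption for this example
WINDOW = 1    # accept +/- one time step of clock skew


def totp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP over a time-step counter (RFC 6238), HMAC-SHA1."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class KnockVerifier:
    """Decides whether a knock payload may open the port (hypothetical helper)."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_counter = -1  # highest time step already accepted

    def verify(self, payload: bytes, now: float) -> bool:
        current = int(now) // STEP
        for counter in range(max(0, current - WINDOW), current + WINDOW + 1):
            expected = totp(self.secret, counter).encode()
            # Constant-time comparison avoids leaking how many digits matched.
            if hmac.compare_digest(payload, expected):
                # A code sniffed off the wire must not open the port twice.
                if counter <= self.last_counter:
                    return False
                self.last_counter = counter
                return True
        return False


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 test secret, not a real key.
    verifier = KnockVerifier(b"12345678901234567890")
    print(verifier.verify(b"94287082", now=59))  # first knock
    print(verifier.verify(b"94287082", now=59))  # same payload replayed
```

A fixed password sent as the knock payload has no equivalent of the replay check: anyone who observes it once can reuse it, which is the practical difference between a static shared secret and a time-based code.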