1 |
On Sun, 03 Feb 2008 08:06:47 -0800 |
2 |
kashani <kashani-list@××××××××.net> wrote: |
3 |
|
4 |
> Grant wrote: |
5 |
> >> I don't know about large setups, where it might be very possible |
6 |
> >> that port knocking becomes a major PITA as you say. But I have |
7 |
> >> setup and used port knocking for remote ssh access lots of time in |
8 |
> >> the past, and never had a problem. This is just my little |
9 |
> >> experience, of course. |
10 |
> > |
11 |
> > OK, port knocking is going back on the todo list. |
12 |
> |
13 |
> I don't free as strongly as Alan, but I've never been overly |
14 |
> impressed with the idea of port knocking. Mostly because any |
15 |
> monitoring of services would be a total nightmare. And |
16 |
> troubleshooting it would suck. Is the service down? Is it the knock? |
17 |
> and so on. |
18 |
> |
19 |
> What I do like is openvpn. Script kiddies don't look for it |
20 |
> and I prefer to have full access to my home boxes rather than having |
21 |
> to mess with port forwarding. As far as complexity goes its easy to |
22 |
> setup in an afternoon and there are clients for Windows, OSX, Linux, |
23 |
> BSD, etc. |
24 |
> kashani |
25 |
|
26 |
Another openVPN vote from me. Makes deployment across geographically |
27 |
distinct network much easier, and good security too. |
28 |
-- |
29 |
gentoo-user@l.g.o mailing list |