| 1 |
On Sun, 03 Feb 2008 08:06:47 -0800 |
| 2 |
kashani <kashani-list@××××××××.net> wrote: |
| 3 |
|
| 4 |
> Grant wrote: |
| 5 |
> >> I don't know about large setups, where it might be very possible |
| 6 |
> >> that port knocking becomes a major PITA as you say. But I have |
| 7 |
> >> setup and used port knocking for remote ssh access lots of time in |
| 8 |
> >> the past, and never had a problem. This is just my little |
| 9 |
> >> experience, of course. |
| 10 |
> > |
| 11 |
> > OK, port knocking is going back on the todo list. |
| 12 |
> |
| 13 |
> I don't free as strongly as Alan, but I've never been overly |
| 14 |
> impressed with the idea of port knocking. Mostly because any |
| 15 |
> monitoring of services would be a total nightmare. And |
| 16 |
> troubleshooting it would suck. Is the service down? Is it the knock? |
| 17 |
> and so on. |
| 18 |
> |
| 19 |
> What I do like is openvpn. Script kiddies don't look for it |
| 20 |
> and I prefer to have full access to my home boxes rather than having |
| 21 |
> to mess with port forwarding. As far as complexity goes its easy to |
| 22 |
> setup in an afternoon and there are clients for Windows, OSX, Linux, |
| 23 |
> BSD, etc. |
| 24 |
> kashani |
| 25 |
|
| 26 |
Another openVPN vote from me. Makes deployment across geographically |
| 27 |
distinct network much easier, and good security too. |
| 28 |
-- |
| 29 |
gentoo-user@l.g.o mailing list |
Archives