On December 3, 2008, Steve wrote:
> Paul Hartman wrote:
> > I think using Dmitry's idea of rejecting the first 2 connections, but
> > then allowing it as normal on the third attempt would satisfy your
> > requirements for being on the normal port, allowing all IPs and
> > requiring no special setup on the client end (other than knowing they
> > have to retry twice).
>
> Erm - surely I either need to set up my client to port-knock... which is
> a faff I'd rather avoid... in order to use the technique.

nope. just start connection. wait a minute. cancel. start another one.
wait a minute. cancel. start new one - voila! :)

> While I recognise port knocking as a valuable strategy in some
> circumstances, it seems a very bad fit for my needs.

well. Nobody but you knows your requirements and specifics - we're just
listing options. It's up to you to either take 'em or leave 'em ;)

--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
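
The reject-twice-then-allow gate discussed in this message, modelled as per-source state; this is an added example, not part of the original post or anyone's actual firewall rules. The class name, the 300-second expiry window, the table-size bound, the reset after an accepted connection and the sample events are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ThirdAttemptGate:
    """Reject the first `rejects` attempts from a source, accept the next one."""
    rejects: int = 2           # from the thread: the first 2 connections are rejected
    window: float = 300.0      # assumption: seconds before earlier attempts are forgotten
    max_sources: int = 10000   # assumption: bound on tracked sources (memory safety)
    _seen: dict = field(default_factory=dict, repr=False)  # source -> attempt times

    def attempt(self, src: str, now: float) -> bool:
        """Record one connection attempt; return True if it should be accepted."""
        # Only attempts inside the window count towards the threshold.
        recent = [t for t in self._seen.get(src, []) if now - t <= self.window]
        if len(recent) >= self.rejects:
            # Enough rejected attempts already: accept and start over (assumption).
            self._seen.pop(src, None)
            return True
        if src not in self._seen and len(self._seen) >= self.max_sources:
            # Table full: evict the source whose last attempt is oldest.
            oldest = min(self._seen, key=lambda s: self._seen[s][-1])
            del self._seen[oldest]
        recent.append(now)
        self._seen[src] = recent
        return False

def replay(events, gate=None):
    """Feed (source, time) pairs through a gate; return the accept decisions."""
    gate = gate or ThirdAttemptGate()
    return [(src, t, gate.attempt(src, t)) for src, t in events]

# Constructed sample events (documentation addresses, times in seconds).
EVENTS = [
    ("198.51.100.7", 0),    # source that tries once and moves on
    ("192.0.2.10", 5),      # user, attempt 1
    ("192.0.2.10", 65),     # user, attempt 2 a minute later
    ("192.0.2.10", 125),    # user, attempt 3: accepted
    ("203.0.113.4", 10),    # slow source, attempt 1
    ("203.0.113.4", 400),   # 390 s later: earlier attempt expired, counts as 1
    ("203.0.113.4", 500),   # counts as 2 inside the window: still rejected
]

if __name__ == "__main__":
    for src, t, ok in replay(EVENTS):
        print(f"{t:>4}s {src:<14} {'ACCEPT' if ok else 'REJECT'}")
```

The gate only filters sources that give up after one or two tries; authentication on the service behind it still does the real work.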