Ask HN: How obscure is this security protocol?

1 points by eeegnu ↗ HN
I've seen many discussions about how security by obscurity isn't itself effective. Though it's led me to think about some obscure protocols that I can't see any way anyone could just figure out. For instance, keep port 22 for ssh, but only allow it to accept a correct password if you previously in sequential order attempted to access ports 764, 964, 1102, otherwise make even a correct password input reject access. I'm still in the process of learning everything about server hosting, but I don't see any obvious flaws in this kind of construction, though it relies on this not being a widespread idea.

3 comments

[ 2.9 ms ] story [ 18.8 ms ] thread
That's known as port knocking: https://en.wikipedia.org/wiki/Port_knocking

typically considered too much effort/complexity.

Only difference seems to be that there all ports remain closed (making it obvious that you're using such a method, since you need some way of accessing it too.) And you get some kind of signal about a port opening if you do happen to get it right, whereas allowing password / key exchange to properly go through after some sequence gives no real signal. It also seems simpler implementation wise than dynamically changing the firewall.