Hacker News new | past | comments | ask | show | jobs | submit login

Most ordinary users will connect to the internet using a router provided by their ISP so port knocking does not work. Unless they plant the malicious code on the router - that would be even harder to detect.



This is correct, almost all user side traffic is nat’d (masquerade/Src-nat) thus port knocking nor any ports externally being open, does not apply.

(NAT , in general, = how the multiple devices at your home all share a single public IP address from your ISP)

This article mainly addresses servers / public facing services (which do not make use of nat)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: