
It is absolutely still a vulnerability; there's no way to protect yourself against someone who can read the sequence numbers anywhere in the middle of the network. Crypto can help you detect this but not prevent it.

RST attacks in particular are common enough to make TCP completely unsuitable for reliable long-term connections. And since TCP is also unsuitable for short-term connections, that leaves UDP the only option.



Which is exactly what I said two posts up. https://news.ycombinator.com/item?id=41329065

Now, RST attacks are still a thing, but mostly irrelevant to this port knocking alternative.



