To me, shimmer and port knocking both seem ridiculous. In the case of shimmer, from what I understand, you're essentially using a shared secret to create somewhere between 4 and 16 bits of data (= "the port number"), and sending that to the server as your unencrypted "authentication". If you want to secure a service, why not just add a real authentication step? Make a TCP connection, authenticate yourself using the shared key, and then be granted access. No flashy tricks...
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds