
RE: Port Knocking

by Abaddon at 12:16 am EST, Feb 6, 2004

yeah, I would argue that it's actually not much added security, that's all a proxy server does and a proxy server has real authentication involved...in fact think about it for a second and you'll see that all a proxy server is, is a gateway to decide whether or not to pass traffic through on a port...so if you authenticate then the proxy server opens the port to you...this has very poor authentication, almost nonexistent...

it's not going to be worse security than nothing...but it's a bad thing in my opinion to let these things get out of hand without security experts' input, because people will take this to be what they need to secure their machines, and it's not going to do that...

also think about the people that need this level of security, then think about the people that attack those people, even a mediocre hacker could get past this...true he would have to get past it, but any proxy server will do a better job than this does, even if the hacker can see your traffic...

--Abaddon

Acidus wrote:
] ] Briefly, users make connection attempts to sequences of
] ] closed ports. The failed connections are logged by the
] ] server-side packet filtering firewall and detected by a
] ] dæmon that monitors the firewall log file. When a
] ] properly formatted knock sequence, playing the role of
] ] the secret used in the authentication, is received,
] ] firewall rules are manipulated based on the information
] ] content of the sequence. This user-based authentication
] ] system is both robust, being mediated by the kernel
] ] firewall, and stealthy--it's not possible to detect
] ] whether a networked machine is listening for port knocks.
] ] Port knocking does not require any open ports, and it can
] ] be extended to transmit any type of information encoded
] ] in a port sequence.
]
]
] This is so very very cool
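
Added example, not part of either post and not code from any port-knocking project: a sketch of the server-side daemon logic the quoted description outlines, scanning firewall log lines for an ordered knock sequence per source address. The log format, the sequence `7000, 8000, 9000`, the 10-second window and the function name are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed secret knock sequence and timing window (hypothetical values).
KNOCK_SEQUENCE = (7000, 8000, 9000)
WINDOW_SECONDS = 10

# Constructed log lines in a simplified firewall-log format (not real captures).
SAMPLE_LOG = """\
1075871760 DROP SRC=192.0.2.10 DPT=7000
1075871761 DROP SRC=198.51.100.7 DPT=7000
1075871762 DROP SRC=192.0.2.10 DPT=8000
1075871763 DROP SRC=198.51.100.7 DPT=9000
1075871764 DROP SRC=192.0.2.10 DPT=9000
1075871800 DROP SRC=203.0.113.5 DPT=7000
1075871801 DROP SRC=203.0.113.5 DPT=8000
1075871830 DROP SRC=203.0.113.5 DPT=9000
"""

LINE_RE = re.compile(r"^(\d+) DROP SRC=(\S+) DPT=(\d+)$")

def detect_knocks(log_text, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
    """Return source IPs that sent the full sequence, in order, within the window."""
    progress = defaultdict(list)   # src -> [(timestamp, port), ...] matched so far
    opened = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue               # ignore lines that are not dropped-packet records
        ts, src, port = int(m.group(1)), m.group(2), int(m.group(3))
        hits = progress[src]
        if hits and ts - hits[0][0] > window:
            hits.clear()           # sequence took too long: start over
        if port == sequence[len(hits)]:
            hits.append((ts, port))
        else:
            hits.clear()           # wrong port resets progress for this source
            if port == sequence[0]:
                hits.append((ts, port))
        if len(hits) == len(sequence):
            opened.append(src)     # a real daemon would add a firewall rule for src here
            hits.clear()
    return opened

if __name__ == "__main__":
    print(detect_knocks(SAMPLE_LOG))
```

The only credential this logic checks is the port sequence itself, so any source address that sends the same ports in order inside the window is accepted.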
