Port Knocking - An interesting idea

Author: Fred Wright
Date:  
To: plug-discuss
Subject: Port Knocking - An interesting idea
I first read about this in Bruce Schneier's CRYPTO-GRAM, March 15,
2004. Has anyone else heard/thought about this?

/quote
Port Knocking

Port knocking is a clever new computer security trick. It's a way to
configure a system so that only systems who know the "secret knock" can
access a certain port. For example, you could build a port-knocking
defensive system that would not accept any SSH connections (port 22) unless
it detected connection attempts to closed ports 1026, 1027, 1029, 1034,
1026, 1044, and 1035 in that sequence within five seconds, then listened on
port 22 for a connection within ten seconds. Otherwise, the system would
completely ignore port 22.

It's a clever idea, and one that could easily be built into VPN systems and
the like. Network administrators could create unique knocks for their
networks -- family keys, really -- and only give them to authorized
users. It's no substitute for good access control, but it's a nice
addition. And it's an addition that's invisible to those who don't know
about it.

<http://www.linuxjournal.com/article.php?sid=6811>
<http://www.portknocking.org/>
/endquote



--
Fred Wright
fawright-at-earthlink-dot-net

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
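
The knock described in the quoted text, written out as a per-source state machine. This is an added example, not part of the original message or of any port-knocking project's code. The class and function names are hypothetical, and the single-use grant and the reset on a wrong port are assumptions; the ports and the five- and ten-second windows come from the quote.

```python
# Added example, not from the original post: the knock described above as a state machine.
KNOCK_SEQUENCE = (1026, 1027, 1029, 1034, 1026, 1044, 1035)  # ports from the quoted text
KNOCK_WINDOW = 5.0   # seconds allowed for the whole knock
OPEN_WINDOW = 10.0   # seconds port 22 accepts a connection afterwards
PROTECTED_PORT = 22

class KnockTracker:
    """Tracks knock progress per source address from observed connection attempts."""
    def __init__(self):
        self._progress = {}    # src -> (next index in KNOCK_SEQUENCE, time of first knock)
        self._open_until = {}  # src -> time the protected port stops accepting

    def observe(self, ts, src, dport):
        """Feed one connection attempt; return True only if it should be accepted."""
        if dport == PROTECTED_PORT:
            # Assumption: one connection per knock, so the grant is consumed here.
            return ts <= self._open_until.pop(src, float("-inf"))
        idx, start = self._progress.get(src, (0, ts))
        if idx == 0 or ts - start > KNOCK_WINDOW:
            idx, start = 0, ts                       # nothing pending, or too slow
        if dport == KNOCK_SEQUENCE[idx]:
            idx += 1
        else:
            # Assumption: a wrong port discards progress (it may be a new first knock).
            idx = 1 if dport == KNOCK_SEQUENCE[0] else 0
            start = ts
        if idx == len(KNOCK_SEQUENCE):
            self._open_until[src] = ts + OPEN_WINDOW
            idx = 0
        self._progress[src] = (idx, start)
        return False                                 # knock ports always look closed

def replay(events):
    """Run (ts, src, dport) tuples through one tracker; return the accepted ones."""
    tracker = KnockTracker()
    return [e for e in events if tracker.observe(*e)]

if __name__ == "__main__":
    # Constructed sample traffic (documentation addresses), not real logs.
    good = [(i * 0.5, "192.0.2.10", p) for i, p in enumerate(KNOCK_SEQUENCE)]
    slow = [(i * 1.0, "203.0.113.5", p) for i, p in enumerate(KNOCK_SEQUENCE)]
    events = sorted(good + slow + [
        (4.0, "198.51.100.7", 22),   # never knocked
        (7.0, "203.0.113.5", 22),    # knocked too slowly
        (8.0, "192.0.2.10", 22),     # valid knock, inside the ten-second window
    ])
    print(replay(events))
```

The tracker keeps one entry per source address it has seen, so a long-running listener would also need to expire idle entries.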