Re: Port Knocking - An interesting idea

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: tickticker
Date:  
To: plug-discuss
Subject: Re: Port Knocking - An interesting idea
yes, it was on slashdot a couple months ago

anthony

From: Fred Wright <>
Date: 2004/03/16 Tue PM 03:09:31 EST
To:
Subject: Port Knocking - An interesting idea

I first read about this in Bruce Schneier's CRYPTO-GRAM, March 15,
2004. Has anyone else heard/thought about this?

/quote
Port Knocking

Port knocking is a clever new computer security trick. It's a way to
configure a system so that only systems who know the "secret knock" can
access a certain port. For example, you could build a port-knocking
defensive system that would not accept any SSH connections (port 22) unless
it detected connection attempts to closed ports 1026, 1027, 1029, 1034,
1026, 1044, and 1035 in that sequence within five seconds, then listened on
port 22 for a connection within ten seconds. Otherwise, the system would
completely ignore port 22.

It's a clever idea, and one that could easily be built into VPN systems and
the like. Network administrators could create unique knocks for their
networks -- family keys, really -- and only give them to authorized
users. It's no substitute for good access control, but it's a nice
addition. And it's an addition that's invisible to those who don't know
about it.

<http://www.linuxjournal.com/article.php?sid=6811>
<http://www.portknocking.org/>
/endquote



--
Fred Wright
fawright-at-earthlink-dot-net

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss