Conventional, woodpecker-style port knocking is open to sniffing, replay, and brute-force knocking attacks. Sending the server a single encrypted packet that carries the access request is safer and more modern. Learn more about the Firewall Knock Operator, a.k.a. Fwknop.
Conventional port knocking, which I described last month, protects you against attackers who routinely scan whole networks looking for “low-hanging fruit.” An attacker who takes more time and sniffs the traffic can still identify the knocking signal, because the same sequence is sent every time: once it has been captured, it can simply be replayed.
In theory, you could use lists of one-time knocking sequences that become invalid after use. Unfortunately, managing such lists on both the client and the server is complex. Besides, if the administrator is not creative enough, an attacker can simply try popular knocking sequences (ports 7000, 8000, 9000, …) to gain access.
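As an added illustration that is not part of the original article and is not Fwknop's own code, the following Python simulation contrasts the two schemes: a server that accepts a fixed knock sequence, which an attacker who has sniffed the sequence can replay, and a simplified single-packet server in the spirit of Fwknop that authenticates each request with an HMAC under a pre-shared key and rejects stale, forged, and replayed packets. The key, IP addresses, port numbers, and packet layout are constructed for the example; real Fwknop packets are encrypted rather than merely authenticated and carry more fields, and the "network" here is just method calls, so nothing is actually sent.

```python
import base64
import hashlib
import hmac
import os
import time

# Constructed sample data for the simulation (not real hosts or keys).
KNOCK_SEQUENCE = [7000, 8000, 9000]      # the "popular" sequence from the text
SHARED_KEY = b"example-shared-secret"    # assumed pre-shared key, client <-> server
CLIENT_IP = "10.0.0.5"                   # legitimate client
ATTACKER_IP = "192.0.2.99"               # attacker sniffing the link


class KnockServer:
    """Conventional knocking: the server only sees destination ports, so a
    captured sequence is indistinguishable from the client's own knocks."""

    def __init__(self, sequence):
        self.sequence = sequence
        self.progress = {}   # src_ip -> index of the next expected port
        self.opened = set()  # source IPs that completed the sequence

    def observe(self, src_ip, dst_port):
        idx = self.progress.get(src_ip, 0)
        if dst_port == self.sequence[idx]:
            idx += 1
        else:                                  # wrong port: restart the sequence
            idx = 1 if dst_port == self.sequence[0] else 0
        if idx == len(self.sequence):
            self.opened.add(src_ip)
            idx = 0
        self.progress[src_ip] = idx
        return src_ip in self.opened


def build_spa_packet(key, client_ip, port, now=None):
    """Single-packet request: nonce|timestamp|client_ip|port + HMAC-SHA256.
    Simplification: only authenticated, not encrypted as in Fwknop, so a
    sniffer learns the requested port but cannot forge or reuse the packet."""
    now = time.time() if now is None else now
    nonce = os.urandom(16).hex()               # makes every packet unique
    body = f"{nonce}|{int(now)}|{client_ip}|{port}".encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return base64.b64encode(body + tag).decode()


class SpaServer:
    """Validates single-packet requests and refuses replays."""

    def __init__(self, key, window=30):
        self.key = key
        self.window = window   # seconds of clock skew tolerated
        self.seen = set()      # digests of accepted packets (replay cache)
        self.opened = set()

    def observe(self, src_ip, packet, now=None):
        now = time.time() if now is None else now
        try:
            raw = base64.b64decode(packet, validate=True)
        except ValueError:
            return False
        body, tag = raw[:-32], raw[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):   # forged, or wrong key
            return False
        fields = body.decode(errors="replace").split("|")
        if len(fields) != 4 or not fields[1].isdigit():
            return False
        _nonce, ts, client_ip, _port = fields
        if abs(now - int(ts)) > self.window:          # stale: outside the window
            return False
        if tag in self.seen:                          # replay of an accepted packet
            return False
        if client_ip != src_ip:                       # copied from another host
            return False
        self.seen.add(tag)
        self.opened.add(src_ip)
        return True


def demo_knock_replay():
    """Attacker replays the captured knock sequence: the server opens up."""
    srv = KnockServer(KNOCK_SEQUENCE)
    captured = []
    for port in KNOCK_SEQUENCE:              # client knocks, attacker sniffs
        srv.observe(CLIENT_IP, port)
        captured.append(port)
    opened = False
    for port in captured:                    # attacker replays the capture
        opened = srv.observe(ATTACKER_IP, port)
    return opened                            # True: conventional knocking is defeated


def demo_spa_replay():
    """Same attacks against the single-packet scheme."""
    srv = SpaServer(SHARED_KEY)
    t0 = 1_700_000_000                       # fixed clock for a reproducible run
    pkt = build_spa_packet(SHARED_KEY, CLIENT_IP, 22, now=t0)
    first = srv.observe(CLIENT_IP, pkt, now=t0 + 1)       # genuine request
    replay = srv.observe(ATTACKER_IP, pkt, now=t0 + 2)    # sniffed and resent
    spoofed = srv.observe(CLIENT_IP, pkt, now=t0 + 3)     # resent with spoofed source
    stale = srv.observe(CLIENT_IP, build_spa_packet(SHARED_KEY, CLIENT_IP, 22, now=t0 - 600), now=t0)
    forged = srv.observe(CLIENT_IP, build_spa_packet(b"guess", CLIENT_IP, 22, now=t0), now=t0)
    return first, replay, spoofed, stale, forged   # (True, False, False, False, False)


if __name__ == "__main__":
    print("replayed knocks opened the port:", demo_knock_replay())
    print("SPA genuine/replay/spoofed/stale/forged:", demo_spa_replay())
```

Running the script shows the replayed knock sequence opening the port for the attacker, while every replayed, stale, or forged single-packet request is refused. The time window is what keeps the replay cache bounded: digests older than the window can be dropped, since the timestamp check already rejects those packets.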
Comments
You can also "do-it-yourself"
BoneKracker Jun 21, 2009 4:38am GMT
http://forums.gentoo.org/viewtopic-t-687956-highlight-port+knocking.html
ky Jun 16, 2009 6:16pm GMT
Mohammad