On Wed, 29 Sep 2004 16:08:53 -0500, Jacob S <[EMAIL PROTECTED]> wrote:
> On Wed, 29 Sep 2004 21:55:59 +0200
> Matthijs <[EMAIL PROTECTED]> wrote:
>
> > In the Dutch computer magazine C't, I read an article a few months ago
> > about protecting your computer using a port knocking system. If I
> > remember correctly, you can close a port (your SSH port, for example)
> > and only open it when a pre-defined pattern of access attempts on a
> > pre-defined port (unused for applications) is applied. The SSH port
> > can then be set to open in your firewall, perhaps only for the
> > IP-address that performed the knocking sequence.
>
> hmm... You're right, it's not what I'm looking for, but it still sounds
> like a good concept. I'd be interested in learning more about that, if
> not for this use with ssh, I have a couple other applications it could
> work with on servers.

Quick pro-cons:

pro: if a remote root exploit for ssh is found, you aren't vulnerable
unless the attacker knows your port-knocking code.

pro-ish: a portscan doesn't show an ssh service running (which you might
like).

cons: you need to have software which supports port knocking to open up
the port, which you may not have to hand in say e.g. a friend's house, an
internet cafe.

con: depending on implementation, you might be vulnerable to exploits in
the port-knocking daemon (so a tradeoff with the first pro).

--
Jon Dowland [EMAIL PROTECTED]
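
The knocking scheme discussed in this thread, sketched as an added example that is not part of the original messages or of any particular port-knocking daemon: a per-source state machine that opens the protected port only for the address that completed the sequence. The knock ports, timeouts, class name and event list are assumptions constructed for illustration.

```python
# Added example: per-source port-knock state machine (all values constructed).
KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret knock ports (hypothetical)
PROTECTED_PORT = 22                  # service hidden behind the knock
STEP_TIMEOUT = 10.0                  # max seconds between consecutive knocks
OPEN_WINDOW = 30.0                   # seconds the port stays open afterwards


class KnockTracker:
    def __init__(self):
        self.progress = {}  # source IP -> (next sequence index, time of last knock)
        self.allowed = {}   # source IP -> time at which its access expires

    def observe(self, ts, src, dport):
        """Process one inbound connection attempt; True means it is accepted."""
        if dport == PROTECTED_PORT:
            return self.allowed.get(src, 0.0) > ts
        idx, last = self.progress.get(src, (0, ts))
        if ts - last > STEP_TIMEOUT:
            idx = 0  # too slow between knocks: start over
        if dport == KNOCK_SEQUENCE[idx]:
            idx += 1
        else:
            # A wrong port resets progress; it may still be a fresh first knock.
            idx = 1 if dport == KNOCK_SEQUENCE[0] else 0
        if idx == len(KNOCK_SEQUENCE):
            self.allowed[src] = ts + OPEN_WINDOW  # open for this source only
            self.progress.pop(src, None)
        else:
            self.progress[src] = (idx, ts)
        return False  # knock ports themselves never answer


def replay(events):
    tracker = KnockTracker()
    return [tracker.observe(ts, src, dport) for ts, src, dport in events]


EVENTS = [  # constructed (timestamp, source IP, destination port) tuples
    (0.0, "198.51.100.7", 22),    # scan: ssh looks closed
    (1.0, "192.0.2.10", 7000),
    (2.0, "192.0.2.10", 8000),
    (2.5, "198.51.100.7", 9000),  # another host cannot finish someone else's knock
    (3.0, "192.0.2.10", 9000),    # sequence complete
    (4.0, "192.0.2.10", 22),      # accepted
    (4.5, "198.51.100.7", 22),    # still closed for everyone else
    (40.0, "192.0.2.10", 22),     # open window has expired
]

if __name__ == "__main__":
    print(replay(EVENTS))
```

A fixed sequence like this can be replayed by anyone who observes the knocks on the wire, so it sits in front of sshd authentication rather than replacing it.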