Security Basics mailing list archives
Re: Port-Knocking vulnerabilities?
From: "T. Shannon Gilvary" <tsgilvary () enconmech com>
Date: Fri, 28 Dec 2007 13:38:47 -0500
Kappa Alpha Pi Eta wrote:
Hi listers. So I read this thread about port-knocking (although called "reflexive firewalls"). I'd never heard of that and found that to be a very interesting mechanism. Now I just keep wondering what an attacker could possibly do to intrude into a system secured in such a way. So there are no open ports at all; also, there's no way the attacker could access the computer physically or via social engineering. The attacker knows that a knock-server is running and that there's some daemon waiting to become accessible (whatever that may be). What could an attacker do to somehow get access to that machine? And how can I secure that machine from that kind of attack?
If the attacker is aware there is port knocking instituted on the server and can sniff the packets, the port knock essentially becomes a password in the clear. It's useful as an extra layer of security, but far from invulnerable to a determined attacker.
-- T. Shannon Gilvary Encon Mechanical, Corp. (732)922-1305 Fax: (732)922-0745 tsgilvary () enconmech com
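The "password in the clear" point above, as an added example that is not part of the original post: a fixed knock sequence validates again when a sniffed copy is resent, while a sequence derived per time window from a shared secret (a mitigation the post does not itself describe) is refused on replay. The port numbers, secret, timestamp, 30-second window and all function names are assumptions made for illustration, and the rolling scheme assumes roughly synchronized clocks.

```python
import hashlib
import hmac
import struct

STATIC_SEQ = [7000, 8000, 9000]  # constructed sample knock sequence


def static_knock_ok(observed):
    """Fixed sequence: whoever sniffed the ports once can send them again."""
    return observed == STATIC_SEQ


def derive_seq(secret, counter, n=3):
    """Derive n ports (1024-65535) from HMAC-SHA256(secret, window counter)."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha256).digest()
    return [1024 + int.from_bytes(digest[2 * i:2 * i + 2], "big") % 64512
            for i in range(n)]


class RollingKnockServer:
    """Accepts one knock per time window and never the same window twice."""

    def __init__(self, secret, step=30):
        self.secret = secret
        self.step = step
        self.last_counter = -1

    def check(self, observed, now):
        counter = int(now) // self.step
        if counter <= self.last_counter:
            return False  # this window was already used: replay
        if observed != derive_seq(self.secret, counter):
            return False  # stale or wrong sequence
        self.last_counter = counter
        return True


def demo():
    secret = b"constructed-demo-secret"  # constructed shared secret
    now = 1_200_000_000  # constructed timestamp
    sniffed_static = list(STATIC_SEQ)  # what a sniffer would record
    server = RollingKnockServer(secret)
    knock = derive_seq(secret, now // server.step)
    return {
        "static_replay": static_knock_ok(sniffed_static),
        "rolling_first": server.check(knock, now),
        "rolling_replay_same_window": server.check(knock, now + 1),
        "rolling_replay_later": server.check(knock, now + 120),
    }


if __name__ == "__main__":
    print(demo())
```

The rolling variant only removes the replay value of a captured knock; the service behind the knock still needs its own authentication.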