RE: Port-Knocking vulnerabilities?

[<nobledark () hushmail com>]

Have a look at this article:

http://www.cipherdyne.com/fwknop/docs/SPA.html

I believe that it goes over some of the problems of traditional 
port-knocking and provides info on how SPA resolves the issue.


 - Nd

On Fri, 28 Dec 2007 13:20:40 -0500 Tom Corelis 
<tomc () targetbilling com> wrote:
> I suppose you could do two successive port scans and hope the 
> second
> completes before the port-knockers' threshold..... 
>
>
> --
> Tom Corelis
> TBC IT
>
> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com]
> On Behalf Of Kappa Alpha Pi Eta
> Sent: Friday, December 28, 2007 7:12 AM
> To: security-basics () securityfocus com
> Subject: Port-Knocking vulnerabilities?
>
>
> Hi listers.
>
> so I read this thread about port-knocking (altough called 
> "reflexsive
> firewalls"). I'd never heard of that and found that to be an very
> interesting mechanism. Now I just keep wondering, what an attacker 
> could
> possibly do to intrude system secured in such a way. So there are 
> no
> open ports at all, also, there's no way the attacker could access 
> the
> computer physically or via social engineering. The attacker knows 
> that a
> knock-server is running and that there's some daemon waiting to 
> become
> accessible (what ever that may be).
> What could a attacker do to somehow get access to that machine? 
> And how
> can I secure that machine from that kind of attacks.
>
> Thanks in advance,
> Kajin
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today it's 
> FREE!

--
Click for free information on court reporter careers, $100 per hour potential.
http://tagline.hushmail.com/fc/Ioyw6h4dB33BbcxuT6UfBAENr3dKOPGZBQxGmjVRdS3AVlmt8baG3i/
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/