Dailydave mailing list archives

Re: Sending remote procedure calls through e-mail (RPC-Mail)


From: Paul Wouters <paul () xelerance com>
Date: Wed, 20 Oct 2004 15:57:49 +0200 (MET DST)

On Wed, 20 Oct 2004, John Bryson wrote:

Yes, but wouldn't port knocking stop a lot of automated attacks?

And add a DDOS one? A new worm will just portknock some common examples
and keep knocking until the silly portknock code will automatically disable
port knocking. At least, the portknocking code I looked at for a few
minutes a while ago was stupid enough to have this 'protection' against
brute force port knocking. And instead of trying it once, it will keep
trying to break in, wasting more resources than if it tried once and saw
it didn't work.

Port knocking is stupid. If you want to protect your host, only allow SSH
through IPsec. Then you only need to be aware of the IKE daemon running
on that host (and any other public service this machine should perform to
non-authenticated users).

If you want to knock, use an authenticated knock, not morse code. We didn't
invent computers for nothing.

Paul
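
An authenticated knock of the kind suggested above, as an added example that is not from the original post or from any existing port-knocking tool: one payload carrying a timestamp, a nonce and an HMAC-SHA256 tag, verified with no failure counter, so a flood of bad knocks cannot disable the service. The packet layout, `WINDOW`, the binding to the source address, and the names `make_knock` and `KnockVerifier` are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time

WINDOW = 30  # accepted clock skew in seconds (assumed value)


def make_knock(key, client_ip, now=None):
    """Client side: timestamp || nonce || HMAC-SHA256(key, timestamp || nonce || ip)."""
    ts = int(time.time() if now is None else now)
    header = struct.pack(">Q", ts) + os.urandom(8)
    tag = hmac.new(key, header + client_ip.encode(), hashlib.sha256).digest()
    return header + tag


class KnockVerifier:
    """Server side: accepts a knock only if it is authentic, fresh and unseen."""

    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, filled only after the MAC check passes

    def verify(self, packet, source_ip, now=None):
        now = time.time() if now is None else now
        if len(packet) != 48:  # 8 timestamp + 8 nonce + 32 tag
            return False
        header, tag = packet[:16], packet[16:]
        expected = hmac.new(self.key, header + source_ip.encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False  # dropped statelessly: no counter, nothing to lock out
        (ts,) = struct.unpack(">Q", header[:8])
        if abs(now - ts) > WINDOW:
            return False  # stale capture
        # Forget nonces whose timestamps have left the window; a replay of
        # those would already fail the freshness check above.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= WINDOW}
        nonce = header[8:]
        if nonce in self.seen:
            return False  # replay of a knock that was already accepted
        self.seen[nonce] = ts
        return True
```

Binding the tag to the source address means a client behind NAT has to sign the address the server will actually see.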