Dailydave mailing list archives

RE: Sending remote procedure calls through e-mail(RPC-Mail)

From: Frank Knobbe <frank () knobbe us>
Date: Wed, 20 Oct 2004 14:53:53 -0500

On Wed, 2004-10-20 at 14:33, John Bryson wrote:

With a trivial port knocking scheme, I would have to agree.
But, I disagree that its easy for a worm to do this, unless your port
knocking scheme was trivial like 'hit port 55 then 5'.


My point was that it does not protect public services from worms --
services that need to be accessed by anyone, without knowledge of
passwords or port-knocking sequence.

The statement "port-knocking protects you from worm attacks" is flawed.

While it may veil and protect private services, so do many other
mechanism (like IPSec tunnels, or my favorite, SSH).

-Frank

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Re: Sending remote procedure calls through e-mail(RPC-Mail) David Maynor (Oct 19)
- <Possible follow-ups>
- RE: Sending remote procedure calls through e-mail(RPC-Mail) Maynor, David (ISS Atlanta) (Oct 20)
  - RE: Sending remote procedure calls through e-mail(RPC-Mail) Frank Knobbe (Oct 20)
    - RE: Sending remote procedure calls through e-mail(RPC-Mail) John Bryson (Oct 20)
    - RE: Sending remote procedure calls through e-mail(RPC-Mail) Frank Knobbe (Oct 20)
    - Re: Sending remote procedure calls through e-mail(RPC-Mail) Florian Weimer (Oct 20)
    - RE: Sending remote procedure calls through e-mail(RPC-Mail) Paul Wouters (Oct 20)
    - RE: Sending remote procedure calls through e-mail(RPC-Mail) Frank Knobbe (Oct 20)
    - Re: Sending remote procedure calls through e-mail(RPC-Mail) Sandino Araico Sánchez (Oct 20)
    - RE: Sending remote procedure calls through e-mail(RPC-Mail) Paul Wouters (Oct 20)