RE: Port Knocking questions

["David Gillett" <gillettdavid () fhda edu>]

  Since most ordinary applications don't work this way, such
services can only be accessed using specialized tools.  Technically,
that makes it a security tool, but one that is routinely used by 
crackers to secure an unauthorized backdoor rather than by 
administrators to secure an authorized service.
  A host might have "ICMP echo request" blocked, or this might
be blocked at a firewall in front of it; if the knock sequence
doesn't use that, then the block will not interfere with it.
(It's *convenient* to use ping to determine if a server is up,
but it's not a requirement.)

Dave Gillett


> -----Original Message-----
> From: Richard Shinkle [mailto:rshinkle451 () hotmail com]
> Sent: Friday, February 27, 2004 8:58 PM
> To: security-basics () securityfocus com
> Subject: Port Knocking questions
>
>
> Hello...
>
> I have a few questions about port knocking.  First of all, is 
> it a hacker 
> tool or a security tool?  Does it require the hacker to be 
> able to ping the 
> device?
>
> Rich S.
>
> _________________________________________________________________
> Watch high-quality video with fast playback at MSN Video. Free! 
> http://click.atdmt.com/AVE/go/onm00200365ave/direct/01/
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
----------------------------------------------------------------------------