RE: Port Knocking questions

["Yvan Boily" <yboily () seccuris com>]

Port knocking is a form of access control.  In short, port knocking is the
process of modifying access to a system based on a sequence of attempts to
connect to a network.  If you google for it you should find some good papers
on the subject.

Like any other security tool it can be used to improve security for either
legitimate uses, such as providing a form of authentication before granting
access to a server on a protected system, or for more nefarious purposes,
such as creating a backdoor that only opens when a sequence is played,
making such doors incredibly difficult to detect.

Regards,

Yvan Boily
Information Security Analyst
Seccuris 


-----Original Message-----
From: Richard Shinkle [mailto:rshinkle451 () hotmail com] 
Sent: Friday, February 27, 2004 10:58 PM
To: security-basics () securityfocus com
Subject: Port Knocking questions

Hello...

I have a few questions about port knocking.  First of all, is it a hacker
tool or a security tool?  Does it require the hacker to be able to ping the
device?

Rich S.

_________________________________________________________________
Watch high-quality video with fast playback at MSN Video. Free! 
http://click.atdmt.com/AVE/go/onm00200365ave/direct/01/


---------------------------------------------------------------------------
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
----------------------------------------------------------------------------