Security Basics mailing list archives

Re: Port Knocking questions


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 2 Mar 2004 02:03:35 +0100

On 2004-03-01 H Carvey wrote:
> > Does it require the hacker to be able to ping the device?
>
> Again, it depends on the implementation.  If the author of the
> application using port knocking requires an ICMP packet to be in the
> mix, then the answer would be "yes".

Not necessarily. I suppose we can assume that "being able to ping" means
that the remote host will respond with icmp-echo-replies to
icmp-echo-requests. For ICMP-based port-knocking (does this make sense at
all, since ICMP does not have ports?) the host will only need to log
incoming ICMP packets, but won't have to send echo-replies. Thus the caller
won't be able to ping the device.

Regards
Ansgar Wiechers
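
The log-only behaviour described in the message above, as an added example that is not part of the original post or of any particular port-knocking tool: a watcher that reads netfilter LOG lines for dropped echo-requests and recognises a knock without the host ever replying. The knock encoding (a sequence of packet lengths), the iptables rules in the comment, the host names and the sample log lines are all assumptions constructed for illustration.

```python
import re

# Assumed firewall side: echo-requests are logged, then dropped (no echo-reply):
#   iptables -A INPUT -p icmp --icmp-type echo-request -j LOG --log-prefix "KNOCK "
#   iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
KNOCK = (84, 128, 92)   # hypothetical knock: IP total lengths (LEN=), in this order
WINDOW = 10             # seconds allowed from first to last knock packet

LINE = re.compile(r"(\d\d):(\d\d):(\d\d) .*?SRC=(\S+) .*?LEN=(\d+) .*?PROTO=ICMP TYPE=(\d+)")

def parse(line):
    """Return (seconds_of_day, src, length) for a logged echo-request, else None."""
    m = LINE.search(line)
    if not m or m.group(6) != "8":          # ICMP type 8 = echo-request
        return None
    h, mi, s = (int(x) for x in m.group(1, 2, 3))
    return h * 3600 + mi * 60 + s, m.group(4), int(m.group(5))

def authorised_sources(lines):
    """Sources that sent the whole KNOCK, in order, within WINDOW seconds."""
    state, ok = {}, set()                   # src -> (next expected step, start time)
    for t, src, length in filter(None, map(parse, lines)):
        step, start = state.get(src, (0, t))
        if step and t - start > WINDOW:
            step = 0                        # too slow: start over
        if length != KNOCK[step]:
            step = 0                        # wrong packet: start over
        if length == KNOCK[step]:           # also catches a fresh first knock
            start = t if step == 0 else start
            step += 1
        if step == len(KNOCK):
            ok.add(src)                     # a real daemon would open the port here
            step = 0
        state[src] = (step, start)
    return ok

def log_line(ts, src, length, icmp_type=8):
    """Build one constructed netfilter LOG line (sample data, not a real capture)."""
    return (f"Mar  2 {ts} gw kernel: KNOCK IN=eth0 OUT= SRC={src} DST=198.51.100.1 "
            f"LEN={length} TTL=64 PROTO=ICMP TYPE={icmp_type} CODE=0 ID=4660 SEQ=1")

SAMPLE = [log_line(*a) for a in [
    ("02:03:31", "192.0.2.10", 84), ("02:03:32", "192.0.2.77", 84),
    ("02:03:33", "192.0.2.10", 128), ("02:03:33", "192.0.2.77", 84),
    ("02:03:34", "192.0.2.77", 92), ("02:03:35", "192.0.2.10", 92),
    ("02:03:36", "192.0.2.50", 84), ("02:03:37", "192.0.2.50", 128),
    ("02:04:10", "192.0.2.50", 92), ("02:04:11", "192.0.2.10", 84, 0),
]]
```

In the sample, 192.0.2.77 sends ordinary-sized pings, 192.0.2.50 finishes the sequence too late, and only 192.0.2.10 completes the knock; none of them ever receives an echo-reply.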
