Security Basics mailing list archives

Re: Port Knocking questions

From: Vincent <pros-n-cons () bak rr com>
Date: Mon, 1 Mar 2004 17:16:54 -0800

On Fri, 27 Feb 2004 23:58:09 -0500
Richard Shinkle <rshinkle451 () hotmail com> wrote:

Hello...

I have a few questions about port knocking.  First of all, is it a hacker 
tool or a security tool?  Does it require the hacker to be able to ping the 
device?

Rich S.

_________________________________________________________________


Your other questions have been answered already but there is another
similar idea written by Brian Hatch author of Hacking Linux Exposed.
Instead of 'knocking' ports which as I understand it can be vulnerable
to brute force like attacks Hatch's solution uses dns queries to dynamicly
open up ports through the firewall, using the dns query as a password.
There is no 'service' listening but there is a sniffer waiting for a 
key string on port 53 that it will take action on. The best thing is it
is OS agnostic since DNS query tools are already on all OS's no client
software, or technical know-how is needed. And easily customizable if
you're fluent in perl.

Part 1) http://www.hackinglinuxexposed.com/articles/20030730.html
Part 2) http://www.hackinglinuxexposed.com/articles/20030814.html
Part 3) http://www.hackinglinuxexposed.com/articles/20030825.html

Attachment: _bin
Description:

Current thread:

Port Knocking questions Richard Shinkle (Mar 01)
- RE: Port Knocking questions David Gillett (Mar 01)
- RE: Port Knocking questions Yvan Boily (Mar 01)
- Re: Port Knocking questions Ansgar -59cobalt- Wiechers (Mar 01)
- Re: Port Knocking questions Vincent (Mar 02)
- <Possible follow-ups>
- Re: Port Knocking questions H Carvey (Mar 01)
  - Re: Port Knocking questions Ansgar -59cobalt- Wiechers (Mar 02)