Penetration Testing mailing list archives

Re: an alternative to port-knocking using the OpenBSD pf only


From: poplix <poplix () papuasia org>
Date: Tue, 28 Feb 2006 00:09:25 +0100

Hi,

Easily perhaps from many internal networks. But it's much more difficult for an attacker to sniff it without access to either the client's network and the server's network.

I think a security layer must fit anybody's needs and cannot fail only because the connecting host is not in a safe location.



But it is a security layer because it makes a system harder to hack. How is that not a security layer?

It's not easy to define the meaning of "security layer". It's not wrong to define a security layer as "anything that increases security", but it's not exactly correct. It's possible to distinguish between a security layer and a security measure: a security layer is a part of a system designed to increase the security; a security measure is any measure we adopt to make our system safer. Adding a firewall rule that allows access to a trusted IP only is a security measure; the firewall itself is a security layer. I think port-knocking is not a security layer because it plays with an existing security layer, i.e. the firewall. If you bind sshd on a different port every hour, probably your system is safer, but how can you consider this a security layer? Maybe you can call it a security measure....


Well then it does protect the vault from rain, right? It's still protecting.

Ok, cellophane protects the vault against rain, but it doesn't protect its content against thieves....


Maybe we can focus a new discussion on the meaning of "security layer".... it can be more interesting than port-knocking ;)


cheers
poplix

