March 15, 2004
SSH Port-knocking

BoingBoing reports on a very neat defensive firewall technique, "port knocking" for TCP/IP ports:

Port-knocking -- like a secret knock for firewalls. Schneier calls it "defensive system that would not accept any SSH connections (port 22) unless it detected connection attempts to closed ports 1026, 1027, 1029, 1034, 1026, 1044, and 1035 in that sequence within five seconds, then listened on port 22 for a connection within ten seconds. Otherwise, the system would completely ignore port 22."
Linux Journal writes:
Benefits of Port Knocking

One of the key features of port knocking is it provides a stealthy method of authentication and information transfer to a networked machine that has no open ports. It is not possible to determine successfully whether the machine is listening for knock sequences by using port probes. Thus, although a brute-force attack could be mounted to try to guess the ports and the form of the sequence, such breach attempts could be detected easily.
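The gate described in the quotes above, written out as an added example (this is not code from BoingBoing, Schneier, or the Linux Journal article): a per-client state machine that only opens port 22 after the quoted seven-port sequence arrives, in order, within five seconds, and then accepts a single connection within the following ten seconds. The log-line format, the client addresses and the timestamps are constructed for the example; sequential matching handles the repeated 1026 in the quoted sequence without special casing.

```python
"""Port-knock gate for the sequence quoted above (added example).

A client must hit the closed ports in KNOCK_SEQUENCE, in order, within
KNOCK_WINDOW seconds; only then is one connection to the protected port
accepted within OPEN_WINDOW seconds. Everything else is dropped, so the
protected port looks closed to anyone probing it.
"""
from __future__ import annotations
from dataclasses import dataclass

KNOCK_SEQUENCE = (1026, 1027, 1029, 1034, 1026, 1044, 1035)  # as in the quoted text
KNOCK_WINDOW = 5.0    # whole sequence must arrive within this many seconds
OPEN_WINDOW = 10.0    # the protected port accepts one connection within this window
PROTECTED_PORT = 22


@dataclass
class KnockState:
    progress: int = 0        # how many elements of the sequence have matched so far
    started_at: float = 0.0  # timestamp of the first matching knock
    open_until: float = 0.0  # protected port accepts until this time (0 = closed)


class KnockGuard:
    def __init__(self, sequence=KNOCK_SEQUENCE, knock_window=KNOCK_WINDOW,
                 open_window=OPEN_WINDOW, protected_port=PROTECTED_PORT):
        self.sequence = tuple(sequence)
        self.knock_window = knock_window
        self.open_window = open_window
        self.protected_port = protected_port
        self._clients: dict[str, KnockState] = {}

    def observe(self, src: str, port: int, ts: float) -> str:
        """Classify one connection attempt from src to port at time ts."""
        st = self._clients.setdefault(src, KnockState())

        if port == self.protected_port:
            if st.open_until and ts <= st.open_until:
                st.open_until = 0.0          # a completed knock buys exactly one connection
                return "ACCEPT"
            return "DROP"                    # otherwise the protected port is ignored

        if st.progress and ts - st.started_at > self.knock_window:
            st.progress = 0                  # partial sequence went stale: forget it
        if st.progress and port != self.sequence[st.progress]:
            st.progress = 0                  # wrong port: start over from knock #1

        if port == self.sequence[st.progress]:
            if st.progress == 0:
                st.started_at = ts
            st.progress += 1
            if st.progress == len(self.sequence):
                st.progress = 0
                st.open_until = ts + self.open_window
            return "KNOCK"
        return "DROP"


def parse_event(line: str) -> tuple[float, str, int]:
    """Parse a constructed firewall-log line of the form 't=<sec> src=<ip> dport=<port>'."""
    fields = dict(tok.split("=", 1) for tok in line.split())
    return float(fields["t"]), fields["src"], int(fields["dport"])


def replay(lines) -> list[tuple[str, int, str]]:
    """Feed log lines through one KnockGuard; return (src, port, decision) per line."""
    guard = KnockGuard()
    out = []
    for line in lines:
        ts, src, port = parse_event(line)
        out.append((src, port, guard.observe(src, port, ts)))
    return out


# Constructed sample log: a correct knock followed by one accepted and one
# refused SSH connection, a host hitting port 22 cold, and a client whose
# knock is too slow to finish inside the five-second window.
SAMPLE_LOG = [
    "t=0.0 src=10.0.0.5 dport=1026",
    "t=0.4 src=10.0.0.5 dport=1027",
    "t=0.8 src=10.0.0.5 dport=1029",
    "t=1.0 src=10.0.0.9 dport=22",
    "t=1.2 src=10.0.0.5 dport=1034",
    "t=1.6 src=10.0.0.5 dport=1026",
    "t=2.0 src=10.0.0.5 dport=1044",
    "t=2.4 src=10.0.0.5 dport=1035",
    "t=5.0 src=10.0.0.5 dport=22",
    "t=6.0 src=10.0.0.5 dport=22",
    "t=20.0 src=10.0.0.7 dport=1026",
    "t=20.5 src=10.0.0.7 dport=1027",
    "t=26.0 src=10.0.0.7 dport=1029",
    "t=30.0 src=10.0.0.7 dport=22",
]

if __name__ == "__main__":
    for src, port, decision in replay(SAMPLE_LOG):
        print(f"{src:>10} -> {port:<5} {decision}")
```

In a real deployment this logic would be fed from a firewall log tail or a packet capture and would add a firewall rule for the accepting window rather than returning a label; the point of the example is the state machine. Note that every hit on a closed port in the sequence is a logged event, which is what makes guessing attempts easy to spot, as the Linux Journal excerpt says, and that a wrong port simply restarts matching here rather than doing a full overlap-aware (KMP-style) match, which is a simplification.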


© Anders Jacobsen