"Port Knocking" For Added Security

Posted by CmdrTaco on Thursday February 5, 2004 @07:03AM from the thats-a-crazy-idea dept.

Jeff writes "The process of Port Knocking is a way to allow only people who know the "secret knock" access to a certain port on a system. For example, if I wanted to connect via SSH to a server, I could build a backdoor on the server that does not directly listen on port 22 (or any port for that matter) until it detects connection attempts to closed ports 1026,1027,1029,1034,1026,1044 and 1035 in that sequence within 5 seconds, then listens on port 22 for a connection within 10 seconds. The web site explains it in some detail, and there is even an experimental perl implementation of it that is available for download. I can't think of any easy ways you could get around a system using this security method - let alone even know that a system is implementing it. Another article on port knocking is here."

4 of 950 comments (clear)

Min score:

Reason:

Sort:

Interesting. by Vindictive · 2004-02-05 07:04 · Score: 0, Offtopic

Damn, interesting...
VPNs already solved this problem... by zerofoo · 2004-02-05 07:11 · Score: 0, Offtopic

I already have a solution for this scenario. It's called a VPN. Anyone who doesn't know the "secret handshake" (VPN encryption key) doesn't get past the firewall. I don't have to worry about port 22 on my server....or any other port.

-ted
Re:not bad by zmooc · 2004-02-05 07:36 · Score: 0, Offtopic

Well I'm smoking something and I understood it so do the math:)

--
0x or or snor perron?!
Re:not bad by trmj · 2004-02-05 08:39 · Score: 0, Offtopic

just testing my new sig, thanks for thinking of it for me :-)

stupid 120 char limit though, I had to cut some of it out.

--
Work sucked, until it became unemployment, when it became slightly more tolerable. -Tet