Re: Possible New Security Tool For FreeBSD, Need Your Help.

From: Jason DiCioccio (geniusj@bluenugget.net)
Date: 08/31/01


Date: Fri, 31 Aug 2001 12:43:48 -0700
From: Jason DiCioccio <geniusj@bluenugget.net>
To: Not Going to Tell You <luckywolf19@hotmail.com>


Actually you could even have it so it would only accept() for about 10 seconds.
It doesn't have to be accepting connections when you're SSH'd in. The problem
with this of course is it's another key that can be sniffed. I don't see how
it would hurt though as long as you're using secure protocols/services as well.
Basically, just don't put all of your trust into that one key :)

Cheers,
-JD-

On Fri, Aug 31, 2001 at 07:33:51PM +0000, Not Going to Tell You wrote:
> Sorry for the blank e-mail.
>
> I have an idea, maybe you either know if it has already been done or you can
> help me write this software:
>
> What if I would scan 5 ports in a defined order, within a defined period of
> time on my remote box. A program on the box would recognize these 5 port
> scans as a "Key" from a remote user to open a port or to activate another
> software.
>
> Why would this be good?
> I could close all the ports on my box except those needed to provide a
> service (i.e. port 80), however, how can I remotely manage it? So then I would
> have to open a sshd port also. But this leads to a potential security
> problem when scanned by a hacker. So, what if I had a program that sent a
> type of "Key" to the box and the box recognized that the key sequence order
> was from me, then opened the sshd port. After I was finished with the sshd
> session, I would run another program to close the port behind me?
>
> Any thoughts and help are welcome.
>
> Lucky
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

-- 
Jason DiCioccio - geniusj@bsd.st - PGP Key @ http://bsd.st/~geniusj/pgpkey.asc
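
Added example, not part of either message: the server-side check for the scheme discussed above, tracking each source's progress through an ordered port sequence within a time limit and then accepting new connections for about 10 seconds. The port numbers, the 5-second window, the class and function names and the sample addresses are assumptions made for illustration.

```python
# Added example: server-side tracker for the "ordered port sequence as key" idea.
SEQUENCE = (7001, 7013, 7002, 7040, 7009)  # assumed 5-port key (constructed)
WINDOW = 5.0     # assumed: seconds allowed between first and last knock
OPEN_FOR = 10.0  # the "only accept() for about 10 seconds" suggestion


class KnockTracker:
    def __init__(self, sequence=SEQUENCE, window=WINDOW, open_for=OPEN_FOR):
        self.sequence, self.window, self.open_for = tuple(sequence), window, open_for
        self.progress = {}    # src -> (index of next expected port, time of first knock)
        self.open_until = {}  # src -> last moment a new connection is accepted

    def knock(self, ts, src, port):
        """Record one connection attempt; return True if it completes the key."""
        idx, start = self.progress.pop(src, (0, ts))
        if idx and ts - start > self.window:
            idx, start = 0, ts               # too slow: start over
        if port == self.sequence[idx]:
            idx += 1                         # next port in the defined order
        elif port == self.sequence[0]:
            idx, start = 1, ts               # out of order, but begins a new attempt
        else:
            idx = 0                          # out of order: discard progress
        if idx == len(self.sequence):
            self.open_until[src] = ts + self.open_for
            return True
        if idx:
            self.progress[src] = (idx, start)
        return False

    def may_connect(self, ts, src):
        """Would a new sshd connection from src be accepted at time ts?"""
        return ts <= self.open_until.get(src, float("-inf"))


def run(events, tracker=None):
    """Feed (ts, src, port) tuples in time order; return [(ts, src)] of unlocks."""
    tracker = tracker or KnockTracker()
    return [(ts, src) for ts, src, port in events if tracker.knock(ts, src, port)]


# Constructed sample traffic (documentation addresses, not real hosts).
OWNER = [(i * 0.5, "198.51.100.7", p) for i, p in enumerate(SEQUENCE)]
SCAN = [(i * 0.1, "203.0.113.9", p) for i, p in enumerate(sorted(SEQUENCE))]
SLOW = [(i * 2.0, "192.0.2.44", p) for i, p in enumerate(SEQUENCE)]

if __name__ == "__main__":
    print(run(sorted(OWNER + SCAN + SLOW)))  # only the in-order, in-time source unlocks
```

The tracker keys only on port order and timing, so a sequence observed on the wire is accepted from any address that repeats it, which is the sniffing caveat raised in the reply.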
