Re: port knocking - use closed ports for authentication

From: Splatter (me_at_me.net)
Date: 05/15/03


Date: Thu, 15 May 2003 10:59:28 -0400


"Fondula di Carceri" <fondula.di.carceri@gmx.net> wrote in message
news:%JHwa.2992$1u5.338@afrodite.telenet-ops.be...
> > port knocking is a novel method of using closed ports for user
> > authentication
> > http://mkweb.bcgsc.bc.ca/portknocking/
> > the method allows remote users, in possession of a secret, to manipulate
> > firewall rules to open ports thereby allowing connections into a
> > completely isolated networked host; the method can be extended to transfer
> > arbitrary information across closed ports
> > this approach to securing networked hosts is described in the current
> > issue of Sys Admin Magazine
> > http://www.samag.com/current/
>
> I've been doing this for over a year now for ssh and ftp... can't believe
> this is something new..
> you only need some creativity, a flexible packet filter and a homebrewed
> IDS :)
>
> Sincerely,
> Fondula di Carceri

It has been around a while. The Linksys routers can do this as well; they
call it port triggering, I believe.

DP
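
The method quoted above, as an added example that is not part of the original posts or of the linked project: a listener reads dropped-packet records from a firewall log and recognises a source that hits a secret sequence of closed ports, in order, within a time window. The log format, port sequence, window and function name are assumptions made for illustration.

```python
import re

# Assumed secret knock sequence and time window (hypothetical values).
KNOCK_SEQUENCE = (7000, 8000, 9000)
WINDOW_SECONDS = 10

# Constructed log format: "<epoch> DROP SRC=<ip> DPT=<port>"
LINE_RE = re.compile(r"^(\d+) DROP SRC=(\S+) DPT=(\d+)$")

def authorized_sources(lines, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
    """Return [(src, timestamp)] for each source that completed the sequence."""
    progress = {}  # src -> (index of next expected port, time of first knock)
    granted = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a dropped-packet record
        ts, src, port = int(m.group(1)), m.group(2), int(m.group(3))
        idx, start = progress.get(src, (0, ts))
        if idx and ts - start > window:
            idx, start = 0, ts  # too slow: discard partial progress
        if port == sequence[idx]:
            if idx == 0:
                start = ts  # first knock starts the timer
            idx += 1
        elif port == sequence[0]:
            idx, start = 1, ts  # wrong port, but it restarts the sequence
        else:
            idx = 0  # wrong port: reset
        if idx == len(sequence):
            # A real daemon would add a firewall rule for src here.
            granted.append((src, ts))
            progress.pop(src, None)
        else:
            progress[src] = (idx, start)
    return granted

# Constructed sample log: one correct knock, one out of order, one too slow.
SAMPLE_LOG = [
    "1053010000 DROP SRC=192.0.2.10 DPT=7000",
    "1053010001 DROP SRC=198.51.100.7 DPT=7000",
    "1053010002 DROP SRC=192.0.2.10 DPT=8000",
    "1053010003 DROP SRC=198.51.100.7 DPT=9000",
    "1053010004 DROP SRC=192.0.2.10 DPT=9000",
    "1053010005 DROP SRC=203.0.113.5 DPT=7000",
    "1053010006 DROP SRC=203.0.113.5 DPT=8000",
    "1053010030 DROP SRC=203.0.113.5 DPT=9000",
]
```

A fixed sequence like this one can be replayed by anyone who observes the knocks on the wire, so the sequence acts as a shared secret only against observers who cannot see the traffic.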


