Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: an anternative to port-knoking using the OpenBSD pf only

from [gimeshell] Network Security [Permanent Link]
Subject: Re: an anternative to port-knoking using the OpenBSD pf only
Date: Fri, 17 Feb 2006 09:52:03 +0100 
On Mon, 23 Jan 2006 22:44:52 +0100
poplix <poplix@papuasia.org> wrote:


   OUT (tcp.flags='syn')
    set(
     tcp.win='8192',ip.ttl='128',ip.flags.df='0',
     tcp.options='mss=3884+noop+wss=0+noop+noop+ts=TS'
    );

   This rule tells tripp to rewrite all outgoing tcp packets with
the SYN
   flag set only allowing my first handshake packet to match "poplix"
   fingerprint.


Does an attacker who wants to attack a server include aspect that
this maybe a system utilizing port knocking in this way?
Perhaps if he has focused at this system?

Am i right to say, your invented os fingerprint is random and unique 
and because of unlimited IP option field's length there's no
chance left for attacker to brute force ports with different option
field values et cetera to get correct option field + window size + ttl +
flag?

regards

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Pen Test liability waiver form, David Ball
Next by Date:  Re: Tools comparison and evaluation question (AppScan), Rory McCune
Previous by Thread:  Re: an anternative to port-knoking using the OpenBSD pf only, gimeshell
Next by Thread:  Re: an anternative to port-knoking using the OpenBSD pf only, poplix
Indexes:  [Date] [Thread] [Top] [All Lists]