Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SSHD and SSH Call-out via Port Knocking

from [Johan De Meersman] Network Security [Permanent Link]
Subject: Re: SSHD and SSH Call-out via Port Knocking
Date: Wed, 07 Sep 2005 11:06:09 +0200 
guyverdh@mchsi.com wrote:


Both versions use a series of scripts to write numerals into a temporary file 
via knocks on specific ports.  This file is then read when one of two ports 
are knocked after having 12 digits written to the file.
 


expand on this, please - what are those 12 digits, where do you get them
from, ... ?


One port, reads the temporary file, builds the IP address, then creates an 
iptables entry that allows the specified IP address to connect via SSH for 
approximately 30 seconds.  It then closes the SSHD daemon, and drops the 
iptables entry.
 


Standard port knocking, well documented. What's the use of the tempfile ?


The second port, reads the temporary file, builds the IP address, then causes 
SSH to connect to the specified IP address with a backchannel defined.  This 
allows the remote client to ssh into the server via this backchannel.
 


If I understand this correctly, you're going to tunnel an SSH connection
over another SSH connection ? Why ?


-- 
You will gain money by a fattening action.
-- 

Public GPG key at blackhole.pca.dfn.de

GCS/IT d- s:+ a- C(+++)$ UL++++$ P+++(++++)$ L++(+++)$ !E- W+(+++)$
N+(++) o K w$ !O !M V PS(++)@ PE-(++)@ Y+ PGP++(+++) t(+) 5 X R tv--
b++(++++) DI++(++++) D++ G e++>+++++ h(+) r y+**

Attachment: signature.asc
Description: OpenPGP digital signature

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: OpenSSH 4.2 and OpenBSD 3.5, Darren Tucker
Next by Date:  Re: file transfer size limit, Frank Wang
Previous by Thread:  SSHD and SSH Call-out via Port Knocking, guyverdh
Next by Thread:  Re: SSHD and SSH Call-out via Port Knocking, guyverdh
Indexes:  [Date] [Thread] [Top] [All Lists]