Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Port-Knocking vulnerabilities?

from [Tom Corelis] Network Security [Permanent Link]
Subject: RE: Port-Knocking vulnerabilities?
Date: Fri, 28 Dec 2007 10:20:40 -0800 
I suppose you could do two successive port scans and hope the second
completes before the port-knockers' threshold..... 


--
Tom Corelis
TBC IT

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Kappa Alpha Pi Eta
Sent: Friday, December 28, 2007 7:12 AM
To: security-basics@securityfocus.com
Subject: Port-Knocking vulnerabilities?


Hi listers.

so I read this thread about port-knocking (altough called "reflexsive
firewalls"). I'd never heard of that and found that to be an very
interesting mechanism. Now I just keep wondering, what an attacker could
possibly do to intrude system secured in such a way. So there are no
open ports at all, also, there's no way the attacker could access the
computer physically or via social engineering. The attacker knows that a
knock-server is running and that there's some daemon waiting to become
accessible (what ever that may be).
What could a attacker do to somehow get access to that machine? And how
can I secure that machine from that kind of attacks.

Thanks in advance,
Kajin
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Reflexive firewalls?, benoni.martin
Next by Date:  Re: Sans GCFW - What about the "OnDemand" training version ?, Andrea Gatta
Previous by Thread:  Port-Knocking vulnerabilities?, Kappa Alpha Pi Eta
Next by Thread:  RE: Port-Knocking vulnerabilities?, Craig Wright
Indexes:  [Date] [Thread] [Top] [All Lists]