Have a look at this article:
http://www.cipherdyne.com/fwknop/docs/SPA.html
I believe that it goes over some of the problems of traditional
port-knocking and provides info on how SPA resolves the issue.
- Nd
On Fri, 28 Dec 2007 13:20:40 -0500 Tom Corelis
<tomc@targetbilling.com> wrote:
I suppose you could do two successive port scans and hope the
second
completes before the port-knockers' threshold.....
--
Tom Corelis
TBC IT
-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com]
On Behalf Of Kappa Alpha Pi Eta
Sent: Friday, December 28, 2007 7:12 AM
To: security-basics@securityfocus.com
Subject: Port-Knocking vulnerabilities?
Hi listers.
so I read this thread about port-knocking (altough called
"reflexsive
firewalls"). I'd never heard of that and found that to be an very
interesting mechanism. Now I just keep wondering, what an attacker
could
possibly do to intrude system secured in such a way. So there are
no
open ports at all, also, there's no way the attacker could access
the
computer physically or via social engineering. The attacker knows
that a
knock-server is running and that there's some daemon waiting to
become
accessible (what ever that may be).
What could a attacker do to somehow get access to that machine?
And how
can I secure that machine from that kind of attacks.
Thanks in advance,
Kajin
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's
FREE!
--
Click for free information on court reporter careers, $100 per hour potential.
http://tagline.hushmail.com/fc/Ioyw6h4dB33BbcxuT6UfBAENr3dKOPGZBQxGmjVRdS3AVlmt8baG3i/
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
