Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port-Knocking vulnerabilities?

from [Jay] Network Security [Permanent Link]
Subject: Re: Port-Knocking vulnerabilities?
Date: Mon, 31 Dec 2007 12:49:17 -0500 
Is portknocking a weaker security mechanism. Does that discount it completely.

Telnet and ftp our clear text. Just because something can be defeated doesn't 
mean it loses 'all' its classification
A door is meant to provide some defense to the outside of your house. I can 
certainly bash it in with a sledge hammer. It still serves its purpose as a 
layer of the defense.

Again we are talking about security basics here. You can say it isn't viable or 
is inherently weak. But the way it is implemented its used for authentication. 
Plain and simple.

----- Original Message -----
From: Ansgar -59cobalt- Wiechers [mailto:bugtraq@planetcobalt.net]
To: security-basics@securityfocus.com
Sent: Sat, 29 Dec 2007 14:28:53 +0100
Subject: Re: Port-Knocking vulnerabilities?

On 2007-12-28 Jay wrote:

Portknocking is a security mechanism as it is a type of
authentication. "Something you know" in this case the sequence of
ports to knock before a unstarted service or daemon begins listening
for connections.


Since everything is transmitted in the clear port-knocking is as much of
a security mechanism as cleartext passwords. Technically: maybe
(depending on your definition). Realistically: no.

Regards
Ansgar Wiechers
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RDP Encryption Level (was RE: RDP sniffing), Rui Pereira (WCG)
Next by Date:  Re: microsoft updates, Ali, Saqib
Previous by Thread:  RE: Port-Knocking vulnerabilities?, Jay
Next by Thread:  Re: Port-Knocking vulnerabilities?, Ansgar -59cobalt- Wiechers
Indexes:  [Date] [Thread] [Top] [All Lists]