Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port-Knocking vulnerabilities?

from [Robert Inder] Network Security [Permanent Link]
Subject: Re: Port-Knocking vulnerabilities?
Date: Mon, 31 Dec 2007 18:27:51 +0000 
On 29/12/2007, Ansgar -59cobalt- Wiechers <bugtraq@planetcobalt.net> wrote:

On 2007-12-28 Jay wrote:

Portknocking is a security mechanism as it is a type of
authentication. "Something you know" in this case the sequence of
ports to knock before a unstarted service or daemon begins listening
for connections.


Since everything is transmitted in the clear port-knocking is as much of
a security mechanism as cleartext passwords. Technically: maybe
(depending on your definition). Realistically: no.


I think your dismissal of port knocking (and, indeed, plain text
passwords) is unrealistic.

If you can intercept my interaction with some remote server, you can
steal the relevant secrets (the password or the sequence of ports).

But isn't that quite a substantial "if"?

How are you going to do it?  Aren't you going to have to compromise
some other machine, either where I am, or where the server is (or, I
guess, where the relevant DNS records are), and then plant software to
deliberately wait and watch until a relevant interaction takes place?

I'm not saying that's impossible.  But it would take considerable
knowledge, planning and effort.

Why doesn't that make it a substantial defence against most kinds of
casual attack?

Robert.

-- 
Robert Inder        Interactive Information Ltd,            Registered
in Scotland
07808 492 213     3, Lauriston Gardens,                  Company no. SC 150689
0131 229 1052     Edinburgh EH3 9HH
                          SCOTLAND UK             Interactions speak
louder than words
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: OT: IP of the originating machine from a gmail email, dave kleiman
Next by Date:  RE: microsoft updates, Calima47
Previous by Thread:  Re: Port-Knocking vulnerabilities?, Ansgar -59cobalt- Wiechers
Next by Thread:  Re: Port-Knocking vulnerabilities?, Goldstein101
Indexes:  [Date] [Thread] [Top] [All Lists]