The port knocking method is not security through obscurity. All authentication mechanisms are
based on some private information: a public key, a password, ... You can think of the port
knocking sequence as part of this private information.
Nitpicking (Preventing brute force ssh attacks)
Posted Oct 25, 2007 21:43 UTC (Thu) by njs (guest, #40338)
You're right in your facts, but I think not-quite-right in spirit.
Port-knocking adds some entropy to your effective password, yes. But if all you wanted was
some extra entropy, you'd be much better off just choosing a slightly longer password or key
-- just as secure, and substantially more convenient.
But people use port knocking despite this. AFAICT, there are two reasons: (1) its
rube-goldbergian complexity and attendant ritual appeal to a certain sort, who feel it *must*
therefore be secure. This is exactly the impulse that security people are (rightfully) trying
to squash when they sneer about security through obscurity. (2) its relative scarcity does
provide some security benefit -- since only weirdos use port-knocking, the script kiddies
don't bother trying to brute-force it, and casual attackers will in fact be repelled. This
also makes it easier to distinguish casual and determined attackers -- e.g. only one leaves
lines in the ssh logs -- and so on. If it ever becomes popular, of course, the script kiddies
will catch on and this effect will disappear.
So port knocking provides no magic bullet against determined attackers (but people who
encounter it often fall for (1) and think it does, and the more it gets advocated the more
this nonsense gets carried along), not much benefit in the long run (which makes it curious
that people advocate it at all; if you are using port knocking for the "right" reasons, you
should discourage everyone else from using it, which may make some suspicious whether people
*are* using it for the right reasons), and engineering-wise it is just so *silly* that it leaves a
bad taste in the mouth -- no-one wants this to become the usual way of designing security
Posted Oct 28, 2007 17:36 UTC (Sun) by oak (guest, #2786)
Assuming the attacker cannot sniff which ports you're using (i.e. they
have to attack blindly), using a sequence of ports could be considered
also a password of a kind, with a *64K* alphabet.
Posted Oct 28, 2007 20:58 UTC (Sun) by njs (guest, #40338)
Yes. I'm not sure what your point is, though -- I already agreed that adding port knocking is
like making your password longer, and there's nothing magical about a 64K alphabet. It just
means that a single knock gives you about 16 bits of entropy, as compared to 6 bits from a
random ascii character, so 1 knock gives a bit less than 3 (good) password characters. Or...
you can just use a 4096-bit key and be done with it.
Posted Oct 28, 2007 21:02 UTC (Sun) by njs (guest, #40338)
Oh, right, and I should have also pointed out -- passwords/keys remain safe even if the attacker
is allowed to sniff all they want, no extra work is required to be secure in that case.
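As an added illustration of the "password over a 64K alphabet" framing in the last three comments (this is example code written for this page, not code from the thread or from any real knock daemon): a toy knock-sequence matcher that consumes knocks the way a login consumes password characters, next to the entropy arithmetic the exchange relies on. The port numbers, client addresses, timeout and the 95-character printable-ASCII alphabet are constructed assumptions.

```python
import math

PORT_SPACE = 65536  # the TCP/UDP port "alphabet": one knock is one symbol from it


def knock_entropy_bits(knocks: int, port_space: int = PORT_SPACE) -> float:
    """Entropy of a secret knock sequence of `knocks` ports chosen uniformly at random."""
    return knocks * math.log2(port_space)


def equivalent_password_chars(knocks: int, alphabet: int = 95) -> float:
    """Random characters from an `alphabet`-sized charset carrying the same entropy."""
    return knock_entropy_bits(knocks) / math.log2(alphabet)


def knocks_to_match(bits: int) -> int:
    """Knocks needed to reach `bits` of entropy. Counting raw key bits the way the
    comment does; a 4096-bit RSA key's real security level is far lower, though still
    far beyond any practical knock sequence."""
    return math.ceil(bits / math.log2(PORT_SPACE))


class KnockDaemon:
    """Simplified stateful matcher for a fixed knock sequence (constructed for this
    example). Progress is tracked per client; a wrong port discards all progress,
    like a wrong password, and stale progress is dropped after `timeout` seconds.
    Note the sequence is a static secret: anyone who can observe it can replay it,
    which is the sniffing caveat raised above and the reason a key is preferable."""

    def __init__(self, sequence, timeout: float = 10.0):
        self.sequence = list(sequence)
        self.timeout = timeout
        self.progress = {}   # client ip -> (index of next expected knock, last knock time)
        self.opened = set()  # clients whose full sequence was accepted

    def knock(self, src_ip: str, port: int, now: float) -> bool:
        idx, last = self.progress.get(src_ip, (0, now))
        if now - last > self.timeout:
            idx = 0  # too slow: start the sequence over
        idx = idx + 1 if port == self.sequence[idx] else 0
        if idx == len(self.sequence):
            self.opened.add(src_ip)
            self.progress.pop(src_ip, None)
            return True
        self.progress[src_ip] = (idx, now)
        return False
```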
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.