User: Password:
|
|
Subscribe / Log in / New account

A proposal for "silent" port knocking

A proposal for "silent" port knocking

Posted Dec 19, 2013 5:16 UTC (Thu) by wahern (subscriber, #37304)
Parent article: A proposal for "silent" port knocking

If people invested as much time fixing bugs in server code and simplifying administration as they do in writing and configuring port knocking environments....

Ah well. It's free software. People can spend their time however they wish.


(Log in to post comments)

A proposal for "silent" port knocking

Posted Dec 19, 2013 8:57 UTC (Thu) by lolando (subscriber, #7139) [Link]

I'll plug my implementation (which uses a little bit of userspace but where the actual opening of ports is purely in-kernel): http://roland.entierement.nu/blog/2008/08/19/netfilter-ba...

Maybe at some point I'll make it more polished and distributable. In the meantime, as you said, free software and so on. Also, yes, I know, it doesn't protect from MITM (although the attack window can be made arbitrarily short).

A proposal for "silent" port knocking

Posted Dec 19, 2013 13:21 UTC (Thu) by jengelh (subscriber, #33263) [Link]

And there are already some existing codes out there, like xt_pknock.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds