Home page logo

basics logo Security Basics mailing list archives

Re: Port Knocking questions
From: Vincent <pros-n-cons () bak rr com>
Date: Mon, 1 Mar 2004 17:16:54 -0800

On Fri, 27 Feb 2004 23:58:09 -0500
Richard Shinkle <rshinkle451 () hotmail com> wrote:


I have a few questions about port knocking.  First of all, is it a hacker 
tool or a security tool?  Does it require the hacker to be able to ping the 

Rich S.


Your other questions have been answered already but there is another
similar idea written by Brian Hatch author of Hacking Linux Exposed.
Instead of 'knocking' ports which as I understand it can be vulnerable
to brute force like attacks Hatch's solution uses dns queries to dynamicly
open up ports through the firewall, using the dns query as a password.
There is no 'service' listening but there is a sniffer waiting for a 
key string on port 53 that it will take action on. The best thing is it
is OS agnostic since DNS query tools are already on all OS's no client
software, or technical know-how is needed. And easily customizable if
you're fluent in perl.

Part 1) http://www.hackinglinuxexposed.com/articles/20030730.html
Part 2) http://www.hackinglinuxexposed.com/articles/20030814.html
Part 3) http://www.hackinglinuxexposed.com/articles/20030825.html

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]