mailing list archives
Re: Port Knocking questions
From: Vincent <pros-n-cons () bak rr com>
Date: Mon, 1 Mar 2004 17:16:54 -0800
On Fri, 27 Feb 2004 23:58:09 -0500
Richard Shinkle <rshinkle451 () hotmail com> wrote:
I have a few questions about port knocking. First of all, is it a hacker
tool or a security tool? Does it require the hacker to be able to ping the
Your other questions have been answered already but there is another
similar idea written by Brian Hatch author of Hacking Linux Exposed.
Instead of 'knocking' ports which as I understand it can be vulnerable
to brute force like attacks Hatch's solution uses dns queries to dynamicly
open up ports through the firewall, using the dns query as a password.
There is no 'service' listening but there is a sniffer waiting for a
key string on port 53 that it will take action on. The best thing is it
is OS agnostic since DNS query tools are already on all OS's no client
software, or technical know-how is needed. And easily customizable if
you're fluent in perl.
Part 1) http://www.hackinglinuxexposed.com/articles/20030730.html
Part 2) http://www.hackinglinuxexposed.com/articles/20030814.html
Part 3) http://www.hackinglinuxexposed.com/articles/20030825.html