mailing list archives
RE: Port-Knocking vulnerabilities?
From: "Tom Corelis" <tomc () targetbilling com>
Date: Fri, 28 Dec 2007 10:20:40 -0800
I suppose you could do two successive port scans and hope the second
completes before the port-knockers' threshold.....
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Kappa Alpha Pi Eta
Sent: Friday, December 28, 2007 7:12 AM
To: security-basics () securityfocus com
Subject: Port-Knocking vulnerabilities?
so I read this thread about port-knocking (altough called "reflexsive
firewalls"). I'd never heard of that and found that to be an very
interesting mechanism. Now I just keep wondering, what an attacker could
possibly do to intrude system secured in such a way. So there are no
open ports at all, also, there's no way the attacker could access the
computer physically or via social engineering. The attacker knows that a
knock-server is running and that there's some daemon waiting to become
accessible (what ever that may be).
What could a attacker do to somehow get access to that machine? And how
can I secure that machine from that kind of attacks.
Thanks in advance,
Express yourself instantly with MSN Messenger! Download today it's FREE!