Home page logo

basics logo Security Basics mailing list archives

Re: Port-Knocking vulnerabilities?
From: "Jay" <jay.tomas () infosecguru com>
Date: Mon, 31 Dec 2007 12:49:17 -0500

Is portknocking a weaker security mechanism. Does that discount it completely.

Telnet and ftp our clear text. Just because something can be defeated doesn't mean it loses 'all' its classification
A door is meant to provide some defense to the outside of your house. I can certainly bash it in with a sledge hammer. 
It still serves its purpose as a layer of the defense.

Again we are talking about security basics here. You can say it isn't viable or is inherently weak. But the way it is 
implemented its used for authentication. Plain and simple.

----- Original Message -----
From: Ansgar -59cobalt- Wiechers [mailto:bugtraq () planetcobalt net]
To: security-basics () securityfocus com
Sent: Sat, 29 Dec 2007 14:28:53 +0100
Subject: Re: Port-Knocking vulnerabilities?

On 2007-12-28 Jay wrote:
Portknocking is a security mechanism as it is a type of
authentication. "Something you know" in this case the sequence of
ports to knock before a unstarted service or daemon begins listening
for connections.

Since everything is transmitted in the clear port-knocking is as much of
a security mechanism as cleartext passwords. Technically: maybe
(depending on your definition). Realistically: no.

Ansgar Wiechers
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]