mailing list archives
Re: Port-Knocking vulnerabilities?
From: "Robert Inder" <robertinder () googlemail com>
Date: Mon, 31 Dec 2007 18:27:51 +0000
On 29/12/2007, Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> wrote:
On 2007-12-28 Jay wrote:
Portknocking is a security mechanism as it is a type of
authentication. "Something you know" in this case the sequence of
ports to knock before a unstarted service or daemon begins listening
Since everything is transmitted in the clear port-knocking is as much of
a security mechanism as cleartext passwords. Technically: maybe
(depending on your definition). Realistically: no.
I think your dismissal of port knocking (and, indeed, plain text
passwords) is unrealistic.
If you can intercept my interaction with some remote server, you can
steal the relevant secrets (the password or the sequence of ports).
But isn't that quite a substantial "if"?
How are you going to do it? Aren't you going to have to compromise
some other machine, either where I am, or where the server is (or, I
guess, where the relevant DNS records are), and then plant software to
deliberately wait and watch until a relevant interaction takes place?
I'm not saying that's impossible. But it would take considerable
knowledge, planning and effort.
Why doesn't that make it a substantial defence against most kinds of
Robert Inder Interactive Information Ltd, Registered
07808 492 213 3, Lauriston Gardens, Company no. SC 150689
0131 229 1052 Edinburgh EH3 9HH
SCOTLAND UK Interactions speak
louder than words
RE: Port-Knocking vulnerabilities? Jay (Dec 31)
Re: Port-Knocking vulnerabilities? Jay (Dec 31)