Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Interesting idea for a covert channel or I justdidn't research enough?
From: Jurjen Oskam <jurjen () stupendous org>
Date: Sat, 8 Oct 2005 10:21:33 +0200

On Sat, Oct 08, 2005 at 07:20:17AM +0530, Aditya Deshmukh wrote:

Aren't these all different versions of portknocking ? All of 
them work untill someone outside can figure out the pattern of 
events - at most I would call this security by obscurity - 
Trivial to detect but good enough for some low security 

The intention of the case you quoted (opening up the SSH port) is to
deter casual portscanners or SSH version scanners. This way, my system
is much less likely to be on a list of hosts running SSH servers. 

After the port is opened up, you get a regular, properly configured,
up-to-date SSH daemon. 

Jurjen Oskam
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]