"Port Knocking" For Added Security 950
Jeff writes "The process of Port Knocking is a way to allow only people who know the "secret knock" access to a certain port on a system. For example, if I wanted to connect via SSH to a server, I could build a backdoor on the server that does not directly listen on port 22 (or any port for that matter) until it detects connection attempts to closed ports 1026,1027,1029,1034,1026,1044 and 1035 in that sequence within 5 seconds, then listens on port 22 for a connection within 10 seconds.
The web site explains it in some detail, and there is even an experimental perl implementation of it that is available for download. I can't think of any easy ways you could get around a system using this security method - let alone even know that a system is implementing it.
Another article on port knocking is here."
huff and puff (Score:2, Funny)
let me in
Beavis? (Score:3, Funny)
Probably...
Knock knock... who's there? (Score:5, Funny)
Who's there?
Usher.
Usher who?
Usher wish I could SSH to your server!
Sorry...
Old stuff (Score:5, Funny)
Slashdotted? (Score:5, Funny)
Is the site slashdotted...
...or do I have to knock my way in?
Re:Before you complain about "Obscurity" (Score:1, Funny)
Port knocking IS Patriotic: +1, Hilarious (Score:1, Funny)
send your text through a spellchecker.
"implimenting" should read "implementing".
Remember, the "President" [whitehouse.org]
was AWOL [calpundit.com]
Regards,
Kilgore
"Port Knocking" (Score:0, Funny)
-Carolyn
Re:Before you complain about "Obscurity" (Score:3, Funny)
Slashdotted (Score:4, Funny)
Thanks.
Re:not bad (Score:3, Funny)
Web site is "knocked" down (Score:3, Funny)
site up
knock 80
knock 80
knock 80
site down
Re:Easy enough... (Score:2, Funny)
Re:Oh, really. (Score:4, Funny)
Re:not bad (Score:3, Funny)
TERRIFIC.
This will be used only on systems storing highly sensitive Star Trek Fan-fiction.
Re:not bad (Score:5, Funny)
This reminds me of a cgi driven website I visited a loooong time ago (1996?)
I was creating a user account, and was using the password "beelzebub". However, the system refused to let me create the account. It displayed a page which stated "That password is invalid: It is being used by another user. Please select a unique password."
Apparently, some genius thought it was good security to ensure that no two users had the same password. I hope you can see the intrinsic flaw in this :-)
B&B (Score:3, Funny)
Beavis: "Shutup! Port-knocker!
Re:Well, there go the logfiles (Score:2, Funny)
Shat up, port knocker.
Fine Idea (Score:1, Funny)
Re:Well, there go the logfiles (Score:2, Funny)
YOUR FACE