[prev in list] [next in list] [prev in thread] [next in thread]
List: ipcop-user
Subject: Re: [IPCop-user] port knocking
From: john s wolter <johnswolter () wolterworks ! com>
Date: 2014-06-19 7:22:58
Message-ID: CANwh-fo+zoyWRKT0Z3Gf-sr5qxphROWpifQ7jpPQVpjxc9ZZ1g () mail ! gmail ! com
[Download RAW message or body]
Spyros,
Some descendant student of Pythagoras may yet discover a way to have this
work. It's also a matter for security philosophy and then actually getting
something to work.
Reading this discussion and the articles, I see a constant arms-race
between the crackers and the defenders. Port knocking is subject to the
same cycle.
I'm looking to capture the dynamics of these competing players. Dynamics
is the future but beyond simple dynamics is responding to as new species
are released into the Internet ecosystem. I'm remembering recently Brian
Dye, Symantec's senior vice president for information security saying
Anti-Virus is dead.
Role based security ideas within LINUX SE are partly a step forward. The
NSA can be thanked for developing this module initially. Since NSA
released it as open source, it was forked and expanded. I'm sure those
words will spike some angst.
Cheers,
John S. Wolter
------------------------------------------------------------
Wolter Works
EMail: johnswolter@wolterworks.com
LinkedIn: John S Wolter, johnswolter
On Thu, Jun 19, 2014 at 2:51 AM, Spyros Tsiolis <stsiol@yahoo.co.uk> wrote:
> Hi John,
>
> Thank you for your thorough evaluation and opinion on this.
> Much appreciated.
>
> So, from what I understand, you are not a fan of this ?
>
> Regards,
>
>
>
> s.
>
>
>
> --------------------------------------------
> On Thu, 19/6/14, john s wolter <johnswolter@wolterworks.com> wrote:
>
> Subject: Re: [IPCop-user] port knocking
> To: "IpCop List" <ipcop-user@lists.sourceforge.net>
> Cc: "IPCop devel" <ipcop-devel@lists.sourceforge.net>
> Date: Thursday, 19 June, 2014, 8:32
>
> I'm no expert on
> "Port Knocking", PtKnk, but I gathered information
> about
> it six years ago if I remember
> correctly. I was interested when I first
> read about PtKnk. When learning something I
> try searches and Wikipedia,
> then I spread
> out to the Internet with improved searches.
>
> Here's the PtKnk article,
> it's more positive than I am,
> http://en.wikipedia.org/wiki/Port_knocking
> ...the article keeps mentioning fwknop. PtKnk
> was reviewed several times
> in the 2006-2009
> time frame. My take on those reviews was static PtKnk
> was
> not a good idea.
>
> The static version PtKnk relies on security by
> obscurity. The phrase
> "covert
> channel" comes to mind. Cracking tools, given some
> creativity, can
> discover much. Security by
> obscurity usually does not work. Here's the
> Wikipedia article,
> http://en.wikipedia.org/wiki/Covert_channel
>
> A dynamic version of PtKnk
> seems to want to revive the idea. There's a web
> PtKnk suggesting a secured web page to activate
> a port. I'm not clear how
> that is an
> improvement. Again cracking tools in the mist of an attack
> will
> detect the opening of a port.
>
> The variety of articles
> I've read keep returning to the public/private keys
> or Kerberos with its key management issues.
> One time passwords are
> mentioned in the
> articles as well.
>
> IpCop
> could implement this idea. Based on the information
> I've seen to
> date, I don't yet see
> PtKnk providing an obstacle that is difficult to
> overcome.
>
>
>
>
>
>
>
>
> Cheers,
> John S. Wolter
> ------------------------------------------------------------
> Wolter Works
> EMail: johnswolter@wolterworks.com
> LinkedIn: John S Wolter, johnswolter
>
>
>
> On Wed, Jun 18, 2014 at 10:30 PM, Andy Yee
> <a-yee@comcast.net>
> wrote:
>
> > On 6/18/2014
> 8:41 PM, Jeffrey S. Russell wrote:
> > >
> I had never heard of this prior to your question. It seems
> to require
> > some setup prior to use,
> involving setting up a sequence of ports to
> > "knock" on in a certain order,
> then a pre-defined port is opened
> >
> dynamically to the host initiating the "knocks".
> It's an interesting
> > concept!
> > >
> > > -----
> Original Message -----
> > > From:
> "Spyros Tsiolis" <stsiol@yahoo.co.uk>
> > > To: "IpCop List" <ipcop-user@lists.sourceforge.net>
> > > Sent: Thursday, June 12, 2014 1:26:55
> PM
> > > Subject: [IPCop-user] port
> knocking
> > >
> > >
> Hello all,
> > >
> >
> > Has anyone played with port-knocking ?
> > > Is it just a case of port-forwarding
> the desired tcp ports to
> > > a node on
> the inside ?
> > >
> >
> > tia,
> > >
> >
> > s.
> > >
> >
> >
> >
> > Is this
> feature the same thing as the Port Triggering feature that
> I
> > know consumer routers like LinkSys
> have?
> >
> >
> >
>
> ------------------------------------------------------------------------------
> > HPCC Systems Open Source Big Data Platform
> from LexisNexis Risk Solutions
> > Find
> What Matters Most in Your Big Data with HPCC Systems
> > Open Source. Fast. Scalable. Simple. Ideal
> for Dirty Data.
> > Leverages Graph
> Analysis for Fast Processing & Easy Data Exploration
> > http://p.sf.net/sfu/hpccsystems
> >
> _______________________________________________
> > IPCop-user mailing list
> > IPCop-user@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/ipcop-user
> >
>
> ------------------------------------------------------------------------------
> HPCC Systems Open Source Big Data Platform from
> LexisNexis Risk Solutions
> Find What Matters
> Most in Your Big Data with HPCC Systems
> Open
> Source. Fast. Scalable. Simple. Ideal for Dirty Data.
> Leverages Graph Analysis for Fast Processing
> & Easy Data Exploration
> http://p.sf.net/sfu/hpccsystems
> _______________________________________________
> IPCop-user mailing list
> IPCop-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ipcop-user
>
>
------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic