Linux Today - NewsForge: A Critique of Port Knocking

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices

Technology Jobs

LinuxToday Newsletters

Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com

Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

Current Newswire:

Tech Comics: "Groundhog Day"

Want a Job? Learn Linux

PC-BSD 9 review � to FreeBSD what Ubuntu is to Debian

Time to dispel open source myths, says Liam Maxwell

SECURITY: Nmap Inside and Out

Eight features Windows 8 'borrowed' from Linux

Malware devs embrace open-source

A tale of two distros: Ubuntu and Linux Mint

Raspberry Pi benchmarked against Beagleboard, low price is long term

20 popular Ubuntu Linux apps you may want to try

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Post A Job | Post A Resume

:NewsForge: A Critique of Port Knocking

NewsForge: A Critique of Port Knocking
Aug 11, 2004, 07 :00 UTC (13 Talkback[s]) (13293 reads)
(Other stories by Arvind Narayanan)

"Suppose you want to be able to retrieve files from your Linux system remotely. The 'standard' method of running the SSH server on port 22 is notoriously inadequate. OpenSSH, which is the SSH server on the majority of Linux installations, suffers from regular exploits of buffer overflow and other vulnerabilities, and you neither have the time to keep up with the patches nor want to make the effort--you'd rather put up with not being able to access your files. This is where port knocking might seem to help--but don't count on it.
"Port knocking is a method of 'message transmission across closed ports.' It works like this: initially a firewall blocks all ports on the server. The client issues a series of connection requests (knocks) to different ports; these are, of course, dropped since the ports are blocked.

Complete Story

Related Story:
Linux Journal: Port Knocking(Jun 18, 2003)