Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


NewsForge: A Critique of Port Knocking

Aug 11, 2004, 07:00 (14 Talkback[s])
(Other stories by Arvind Narayanan)

"Suppose you want to be able to retrieve files from your Linux system remotely. The 'standard' method of running the SSH server on port 22 is notoriously inadequate. OpenSSH, which is the SSH server on the majority of Linux installations, suffers from regular exploits of buffer overflow and other vulnerabilities, and you neither have the time to keep up with the patches nor want to make the effort--you'd rather put up with not being able to access your files. This is where port knocking might seem to help--but don't count on it.

"Port knocking is a method of 'message transmission across closed ports.' It works like this: initially a firewall blocks all ports on the server. The client issues a series of connection requests (knocks) to different ports; these are, of course, dropped since the ports are blocked.

Complete Story

Related Story:
Linux Journal: Port Knocking(Jun 18, 2003)