NewsForge: A Critique of Port Knocking

“Suppose you want to be able to retrieve files from your Linux
system remotely. The ‘standard’ method of running the SSH server on
port 22 is notoriously inadequate. OpenSSH, which is the SSH server
on the majority of Linux installations, suffers from regular
exploits of buffer overflow and other vulnerabilities, and you
neither have the time to keep up with the patches nor want to make
the effort; you’d rather put up with not being able to access your
files. This is where port knocking might seem to help, but don’t
count on it.

“Port knocking is a method of ‘message transmission across
closed ports.’ It works like this: initially a firewall blocks all
ports on the server. The client issues a series of connection
requests (knocks) to different ports; these are, of course, dropped
since the ports are blocked.
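The excerpt above describes the mechanism: the firewall drops everything, and the only thing the server sees of a knock is a connection attempt to a closed port. What a knock daemon actually does with those dropped packets is run a small per-source state machine over them. The following is an added example written for this page, not code from the NewsForge article or from any port-knocking project. It feeds constructed iptables-style LOG lines (the `KNOCK` prefix, the addresses, the secret sequence 7000, 8000, 9000 and the ten-second window are all assumptions chosen for illustration) through a detector that "opens" the port for a source only when the sequence arrives in order and within the window.

```python
import re
from dataclasses import dataclass

# Hypothetical secret knock sequence and time window (assumptions for this example).
KNOCK_SEQUENCE = (7000, 8000, 9000)
WINDOW_SECONDS = 10.0

# Matches a netfilter LOG line: syslog time, then SRC= and DPT= fields for TCP.
LOG_RE = re.compile(
    r"^\w{3} +\d{1,2} (?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2}) .*?"
    r"SRC=(?P<src>[\d.]+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+)"
)


def parse_log_line(line):
    """Return (seconds_of_day, src_ip, dst_port) or None for lines that do not match."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    seconds = int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"])
    return float(seconds), m["src"], int(m["dpt"])


@dataclass
class KnockState:
    progress: int = 0      # how many ports of the sequence this source has hit in order
    started: float = 0.0   # time of the first knock of the current attempt


class KnockDetector:
    """Per-source state machine: the sequence must arrive in order, inside one window."""

    def __init__(self, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
        self.sequence = tuple(sequence)
        self.window = window
        self._state = {}
        self.opened = []   # (src, time) for every completed sequence

    def observe(self, src, port, now):
        st = self._state.setdefault(src, KnockState())
        if st.progress and now - st.started > self.window:
            st.progress = 0            # attempt took too long: start over
        expected = self.sequence[st.progress]
        if port == expected:
            if st.progress == 0:
                st.started = now
            st.progress += 1
            if st.progress == len(self.sequence):
                self.opened.append((src, now))   # here a real daemon would add a firewall rule
                self._state.pop(src)
                return True
            return False
        # Wrong port: reset; if it happens to be the first knock, treat it as a fresh attempt.
        st.progress = 1 if port == self.sequence[0] else 0
        st.started = now
        return False


# Constructed sample log lines (not captured from a real system).
LOG_LINES = [
    "Jun 18 10:00:01 gw kernel: KNOCK IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP SPT=51000 DPT=7000 SYN",
    "Jun 18 10:00:02 gw kernel: KNOCK IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP SPT=51001 DPT=8000 SYN",
    "Jun 18 10:00:03 gw kernel: KNOCK IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP SPT=51002 DPT=9000 SYN",
    # A scanner hitting the same ports out of order never completes the sequence.
    "Jun 18 10:00:05 gw kernel: KNOCK IN=eth0 OUT= SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP SPT=40000 DPT=8000 SYN",
    "Jun 18 10:00:06 gw kernel: KNOCK IN=eth0 OUT= SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP SPT=40001 DPT=7000 SYN",
    "Jun 18 10:00:07 gw kernel: KNOCK IN=eth0 OUT= SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP SPT=40002 DPT=9000 SYN",
    # Correct order but too slow: the window expires between the first and second knock.
    "Jun 18 10:01:00 gw kernel: KNOCK IN=eth0 OUT= SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP SPT=42000 DPT=7000 SYN",
    "Jun 18 10:01:20 gw kernel: KNOCK IN=eth0 OUT= SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP SPT=42001 DPT=8000 SYN",
    "Jun 18 10:01:21 gw kernel: KNOCK IN=eth0 OUT= SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP SPT=42002 DPT=9000 SYN",
    "Jun 18 10:01:22 gw kernel: unrelated message with no fields",
]


def run_detector(lines, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
    """Replay log lines through the detector; return the sources that knocked correctly."""
    det = KnockDetector(sequence, window)
    for line in lines:
        parsed = parse_log_line(line)
        if parsed is not None:
            now, src, port = parsed
            det.observe(src, port, now)
    return [src for src, _ in det.opened]


if __name__ == "__main__":
    print(run_detector(LOG_LINES))   # ['203.0.113.5']
```

Running it opens the port for 203.0.113.5 only; the out-of-order scanner and the slow client both fail. Note what the detector is keyed on: nothing more than the destination port numbers, in the clear, in a handful of SYN packets, which is exactly what anyone else watching the same wire gets to see.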

Complete Story

Related Story: Linux Journal: Port Knocking (Jun 18, 2003)