SecurityFocus

Re: Port-Knocking vulnerabilities? Dec 28 2007 07:07PM
Jay (jay tomas infosecguru com) (1 replies)

Re: Port-Knocking vulnerabilities? Dec 29 2007 01:28PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

On 2007-12-28 Jay wrote:
> Portknocking is a security mechanism as it is a type of
> authentication. "Something you know" in this case the sequence of
> ports to knock before a unstarted service or daemon begins listening
> for connections.

Since everything is transmitted in the clear port-knocking is as much of
a security mechanism as cleartext passwords. Technically: maybe
(depending on your definition). Realistically: no.

Regards
Ansgar Wiechers
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html

[ reply ]

Re: Port-Knocking vulnerabilities? Dec 31 2007 06:27PM
Robert Inder (robertinder googlemail com) (2 replies)

Re: Port-Knocking vulnerabilities? Dec 31 2007 08:50PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

RE: Port-Knocking vulnerabilities? Dec 31 2007 09:46PM
Craig Wright (Craig Wright bdo com au) (1 replies)

RE: Port-Knocking vulnerabilities? Jan 01 2008 01:01PM
Bill Lavalette (blavalet homenet-security com)

Re: Port-Knocking vulnerabilities? Dec 31 2007 07:40PM
Goldstein101 (goldstein101 gmail com) (1 replies)

RE: Port-Knocking vulnerabilities? Dec 31 2007 09:32PM
Craig Wright (Craig Wright bdo com au) (1 replies)

Re: Port-Knocking vulnerabilities? Jan 06 2008 04:12AM
Michael Rash (mbr cipherdyne org) (1 replies)

RE: Port-Knocking vulnerabilities? Jan 06 2008 04:49AM
Craig Wright (Craig Wright bdo com au) (1 replies)

Re: Port-Knocking vulnerabilities? Jan 06 2008 05:17AM
Michael Rash (mbr cipherdyne org) (1 replies)

RE: Port-Knocking vulnerabilities? Jan 21 2008 11:22AM
whip netspace net au (1 replies)

Re: Port-Knocking vulnerabilities? Jan 22 2008 12:26AM
Michael Rash (mbr cipherdyne org)