Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
RE: Port-Knocking vulnerabilities?
Dec 31 2007 09:46PM
Craig Wright (Craig Wright bdo com au)
Lets look at the issues.
You rely on obscurity in a manner that changes flags in IP and makes the packets stand out. Most IDS's will alert to this, many routers will. A TCPdump filter for unusual flags and IP ID's is common in many ISP's. So we have a security mechanism that is advertising itself b...
[ more ]
Copyright 2010, SecurityFocus