Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
an anternative to port-knoking using the OpenBSD pf only
Jan 23 2006 09:44PM
poplix (poplix papuasia org)
I wish to propose an alternative to port knoking that uses the native
OpenBSD's pf code only. The idea is to use the pf's passive os
fingerprinter to authenticate initial SYN packets.
With a tool (or kernel patch) able to rewrite packets header is possible
to use a specific sequence of h...
[ more ]
Copyright 2010, SecurityFocus