Security Basics
*Note: Email address will appear as "user domain ext" to prevent harvesting.
RE: Port-Knocking vulnerabilities? Jan 06 2008 04:49AM
Craig Wright (Craig Wright bdo com au)
Hi Michael,
I admit I have not looked at fwknop, so I will withhold comment until I have. It is not port knocking, so the issues there do not apply.

The idea of these servers being undetectable is a falacy. SPA still leaves itself open to diagnostics for detection. Timing differences give away that...

[ more ]  

Privacy Statement
Copyright 2010, SecurityFocus