BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] port-knocking

Subject: [Discuss] port-knocking
From: richard.pieri at gmail.com (Rich Pieri)
Date: Wed, 27 Mar 2013 20:23:41 -0400
In-reply-to: <5153774D.3000706@gmail.com>
References: <CADdmjq_jPJ8j6mJVzm2T8Tz6tZPF=cM5rPK7xZAA3gmwJTw-PQ@mail.gmail.com> <5150CE85.9010803@gmail.com> <CADdmjq-tn4x6tT+mRUxv_Km92sNrDsSce5UPX_aMSGieNDFzcQ@mail.gmail.com> <5151B65A.30107@blu.org> <6FE60F8A-B262-40D7-89A8-F2660C74CB66@gmail.com> <CADdmjq-2tr0SLuaOV3fc6S6GSQrdrZXfz2_5Sy8X8MgrgkCDXA@mail.gmail.com> <D1B1A95FBDCF7341AC8EB0A97FCCC4772C965B0C@SN2PRD0410MB372.namprd04.prod.outlook.com> <54DB539F0A2C293772BBDCF8@belldandy.lns.mit.edu> <20130327171346.GE20137@dragontoe.org> <51534868.9000703@horne.net> <54B8A71EBF5006965C91C9F0@belldandy.lns.mit.edu> <5153774D.3000706@gmail.com>

--On Wednesday, March 27, 2013 6:48 PM -0400 Tom Metro 
<tmetro+blu at gmail.com> wrote:

> While I can imagine some implementations of port knocking, where failed
> knock sequences shut down a service, there are certainly other
> implementations where that is not the case.

That's precisely what I mean. Combine port knocking, automatic IP block, 
and IP address spoofing and you have a very easy denial of service. I am 
aware that there are workarounds to this, but if you have to work around a 
basic function of your security system then you're using the wrong security 
tool.

-- 
Rich P.

Follow-Ups:
- [Discuss] port-knocking
  - From: tmetro+blu at gmail.com (Tom Metro)

References:
- [Discuss] DNS question about DNSENUM.PL
  - From: omegahalo at gmail.com (Chris O'Connell)
- [Discuss] DNS question about DNSENUM.PL
  - From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] DNS question about DNSENUM.PL
  - From: omegahalo at gmail.com (Chris O'Connell)
- [Discuss] DNS question about DNSENUM.PL
  - From: gaf at blu.org (Jerry Feldman)
- [Discuss] DNS question about DNSENUM.PL
  - From: abreauj at gmail.com (John Abreau)
- [Discuss] DNS question about DNSENUM.PL
  - From: omegahalo at gmail.com (Chris O'Connell)
- [Discuss] DNS question about DNSENUM.PL
  - From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] DNS question about DNSENUM.PL
  - From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] DNS question about DNSENUM.PL
  - From: invalid at pizzashack.org (Derek Martin)
- [Discuss] DNS question about DNSENUM.PL
  - From: bill at horne.net (Bill Horne)
- [Discuss] DNS question about DNSENUM.PL
  - From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] port-knocking
  - From: tmetro+blu at gmail.com (Tom Metro)

Prev by Date: [Discuss] Security through obscurity
Next by Date: [Discuss] Security through obscurity
Previous by thread: [Discuss] port-knocking
Next by thread: [Discuss] port-knocking
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org