On Wed, 07/05/2003 07:40 +0200, Hans Spaans wrote:
> On Wed, May 07, 2003 at 01:14:04AM +0200, Tim van Erven wrote:
>> On Tue, 06/05/2003 13:07 -0500, Mark Edgington wrote:
>>> incorporate functionality into inetd/xinetd/rinetd which listens for a
>>> predefined sequence of connection attempts on certain ports. Upon noticing
>>> the correct sequence (as specified somewhere in the config file), it opens
>>> up certain ports (i.e. SSH) for a specified amount of time or for the next
>>> connection attempt only. The parameters which could be set in the config
>>> file would be:
>>> 1) the "trigger" sequence (an ordered list of port numbers)
>>> 2) the port(s) to make available upon receiving this trigger sequence
>>> 3) whether the ports to be made available are available for a) the next n
>>> connections only, and/or b) the next n minutes
>>> 3) how long to disable watching for the sequence after an invalid sequence
>>> has been detected.
>>
>> You could also run a daemon that listens on some port for a password and
>> opens up other ports if it receives the right one, to get the same
>> effect, but much easier to implement.
>
> How are you going to handle firewalls and stuff? This because you need
> to accept traffic for those ports.

You always need to let the trigger through your firewall. It's just
easier and less of a custom hack if it's sent on a single port.

-- 
Tim van Erven <[EMAIL PROTECTED]>          Fingerprint:  F6C9 61EE 242C C012
OpenPGP Key ID: 712CB811                     36D5 BBF8 6310 D557 712C B811
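The knock-sequence logic from the proposal quoted in this message, as an added example that is not part of the original thread or of any inetd/xinetd code. Assumptions: state is kept per source address, windows are in seconds rather than minutes, the connection and time limits both apply, ports outside the sequence are ignored, and every name, port number and address (`KnockGate`, `replay`, 7000/8000/9000) is hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class KnockGate:
    """Per-source knock tracker driven by the parameters listed in the proposal."""
    sequence: tuple        # ordered trigger ports
    open_ports: frozenset  # ports made available after the trigger
    max_conns: int         # allow the next n connections only
    open_secs: float       # ... and only for the next n seconds
    lockout_secs: float    # stop watching a source this long after a bad knock
    _progress: dict = field(default_factory=dict)  # src -> knocks matched so far
    _grants: dict = field(default_factory=dict)    # src -> (expiry, conns left)
    _locked: dict = field(default_factory=dict)    # src -> lockout end time

    def connect(self, now, src, port):
        """Process one connection attempt; True only if it may proceed."""
        if port in self.open_ports:
            return self._use_grant(now, src)
        if port not in self.sequence or now < self._locked.get(src, 0.0):
            return False  # unrelated port, or source is locked out
        i = self._progress.pop(src, 0)
        if port != self.sequence[i]:
            self._locked[src] = now + self.lockout_secs  # out of order: lock out
        elif i + 1 == len(self.sequence):
            self._grants[src] = (now + self.open_secs, self.max_conns)
        else:
            self._progress[src] = i + 1
        return False  # knock ports themselves never accept a connection

    def _use_grant(self, now, src):
        expiry, left = self._grants.get(src, (0.0, 0))
        if now > expiry or left <= 0:
            self._grants.pop(src, None)
            return False
        self._grants[src] = (expiry, left - 1)
        return True

# Constructed sample events: (time in seconds, source address, destination port).
EVENTS = [
    (0, "192.0.2.10", 22),                         # no knock yet: refused
    (1, "192.0.2.10", 7000), (2, "192.0.2.10", 8000), (3, "192.0.2.10", 9000),
    (4, "192.0.2.10", 22), (5, "192.0.2.10", 22),  # allowed, then budget spent
    (6, "198.51.100.7", 8000),                     # out of order: locked out
    (7, "198.51.100.7", 7000), (8, "198.51.100.7", 8000), (9, "198.51.100.7", 9000),
    (10, "198.51.100.7", 22),                      # knocks were ignored: refused
]

def replay(gate, events):
    """Feed events through the gate and return the ones it allowed."""
    return [e for e in events if gate.connect(*e)]
```
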

