I was amazed when I first read about it, but it seems the primary benefit of doing this is so that a simple portscan will not reveal a server. Handy for those folks trying to hide from their ISP's fine print...
but if this gets popular, I'd bet that ISP's will simply scan traffic for port-knocking signatures, then use those "secret knocks" to show servers in violation of said fine print. For that matter, anyone who can sniff the traffic (and don't forget wifi here!) can easily reproduce the knock to open up the desired port(s). The only "better" scheme I could dream up so far, involves a number of servers with different IPs and on different backbones, which maintain VPN connections to add levels of indirection to this. In other words, do the secret knock on one server, and a different one opens up! Voila, complexity rules, until "they" catch up. ( = Good groundwork for a mickey mouse "undernet", anyway. Cool stuff to think on... Regards, Ben On Wed, 25 Feb 2004 16:32:53 -0800 Rob Hudson <[EMAIL PROTECTED]> wrote: | This sounds like security through obscurity, but it's an interesting | idea. Execute the correct knock, and a port opens... | | http://www.portknocking.org/ _______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
