An option for ports that don't need to be open constantly (like 80 & 443) is to use net-misc/knockd.
Port knocking allows a port to be opened on demand in response to a series of attempted port opens.
There's a wiki page on it here: http://gentoo-wiki.com/HOWTO_Port_Knocking.
Note: if he is on the same LAN as you or the machine you're trying to secure, this will only slow him down, not stop him (he can sniff packets and determine the knock sequence).

dcm
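
As an added illustration (not part of the original message and not knockd's own code), here is a minimal Python model of the per-source sequence tracking a knock daemon performs, run over constructed events; the ports, addresses and the `KnockTracker` name are assumptions. It shows the caveat from the note above: the same ports sent later from a different host are accepted, because the sequence is the only secret.

```python
from dataclasses import dataclass, field

@dataclass
class KnockTracker:
    """Tracks each source's progress through one fixed knock sequence."""
    sequence: tuple                                # ports to hit, in order
    timeout: float = 5.0                           # seconds for the whole sequence
    progress: dict = field(default_factory=dict)   # src -> (next index, start time)
    allowed: set = field(default_factory=set)      # sources that completed the knock

    def observe(self, src, port, now):
        """Feed one connection attempt; True when src completes the sequence."""
        idx, started = self.progress.pop(src, (0, now))
        if now - started > self.timeout:
            idx, started = 0, now                  # too slow: start over
        if port == self.sequence[idx]:
            idx += 1
        elif port == self.sequence[0]:
            idx, started = 1, now                  # wrong port, but a fresh first knock
        else:
            return False                           # wrong port: progress is dropped
        if idx == len(self.sequence):
            self.allowed.add(src)
            return True
        self.progress[src] = (idx, started)
        return False

def replay_demo():
    """Return the sources the tracker would open the port for, in order."""
    tracker = KnockTracker(sequence=(7000, 8000, 9000))   # constructed sequence
    events = [                                     # constructed (time, source, port)
        (0.0, "192.0.2.10", 7000),                 # legitimate admin starts knocking
        (0.4, "198.51.100.7", 7000),               # unrelated sequential port scan
        (0.5, "198.51.100.7", 7001),               # ...falls out of sequence
        (0.8, "192.0.2.10", 8000),
        (1.1, "192.0.2.10", 9000),                 # admin completes the knock
        (60.0, "192.0.2.66", 7000),                # LAN host that saw the packets
        (60.3, "192.0.2.66", 8000),                # repeats the same three ports
        (60.6, "192.0.2.66", 9000),                # and is accepted as well
    ]
    return [src for t, src, port in events if tracker.observe(src, port, t)]

if __name__ == "__main__":
    print(replay_demo())
```

The tracker has no way to distinguish the second source from the first, which is why a knock belongs in front of an authenticated service rather than in place of one.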

On 7/6/06, Daniel da Veiga <[EMAIL PROTECTED]> wrote:
On 7/6/06, Lord Sauron <[EMAIL PROTECTED]> wrote:
> On 7/5/06, Ryan Tandy <[EMAIL PROTECTED]> wrote:
> > Steven Susbauer wrote:
> > >
> > > On Wed, 5 Jul 2006, Ryan Tandy wrote:
> > >
> > >> Lord Sauron wrote:
> > >>> If you can, what I'd do is try and get the guy's MAC Address or
> > >>> something and then totally block that off.  That'd send him away right
> > >>> quickly.  I don't know enough to know if that'd be totally possible,
> > >>> but if the guy isn't terribly intelligent, that'll send him packing.
> > >> net-analyzer/macchanger ;)
> > >>
> > >
> > > What's this? Portage on Windows?
> >
> > More just to mention that there is such a thing out there.  And if it
> > exists for us, chances are he has a similar tool available.
>
> However, if you block his mac without an error message, then he can't
> know how you're identifying him to block him.  He probably won't know
> what to do, and just might give up then.  Worth a try, if nothing
> else.
>

Yeah, that's pretty much true. For a LAN. Doing it on the Internet
would most probably blacklist an entire subnet that's routed to you
with that MAC. So, not worth a try, it would be something more to
configure, and get you no benefit at all, while risking making your
machine invisible for people who could use the services you are trying
to securely provide.

--
Daniel da Veiga
Computer Operator - RS - Brazil
--
gentoo-user@gentoo.org mailing list