Ross Cameron wrote: > Id rather point you're interest at SPA (Single Packet Authentication) > from one project I've worked on we found that a determined enough > person eventually finds the knock sequence. >
Do you have a research paper that discusses your findings? > With SPA an encrypted payload is sent in one packet (almost impossible > to find) to a random port (in our implimentation) and then the > firewall rules are edited to only allow the source host access to > whatever service. > Is nmap able to distinguish the port you use here from other ports? Darren > On Wed, Jan 7, 2009 at 10:42 PM, a b <[email protected]> wrote: > >>> New features...and while I've got your attention, >>> what features do you think ipfilter needs that it >>> does not yet have? >>> >> Port knocking. I believe IPFilter would really benefit from this feature >> for two reasons: >> >> 1. port knocking is obviously a useful security feature to have >> 2. it will make IPFilter competitive with iptables. >> >> >> ________________________________ >> Invite your mail contacts to join your friends list with Windows Live >> Spaces. It's easy! Try it! >> > > > >
