republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Is Portknocking "Real" Security?
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
how does brutus aet2 works? »
« Black Viper is back! Yes,  
AuthorAll Replies


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC

reply to Daniel
Re: Is Portknocking "Real" Security?

The concept of portknocking from the day's it was proposed using firewall logs changed into a "secret knock" thingie is like giving your neighbor a key to you cottage and trust him to protect it. Not only protect the "key"..but also your place. You do not know where he will store the key muchless when "he" enters your cottage if it was really his muddy feet in the buffer overflow.

If you are looking for peace of mind Security..the weighted scale is against portknocking..but if you are just after a new whistle and bell "feature" then go for it..it does not ADD anything to real security..it just throw another problem into the equation...no matter how secure you think you are doing it.

I will be standing in the hallway
»www.songlyrics.com/song-lyrics/O···534.html

"Knock three times
On the ceiling if you want me.
Mmm-hmm, twice on the pipe
If the answer is no."
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/
to forum · permalink · · 2007-03-30 11:29:01 · Reply to this


Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:

2 edits		 Your analogy is horribly flawed, Name Game. Nobody gets a "key" to the cottage. A "key" implies that a successful portknock yields a shell via SSH. It doesn't. All a successful portknock gives you is the ability to try one's hand against standard SSH security. No security layers are removed from the equation; one is just added.

Do you still think this is a problem?
--
dmiessler.com -- grep understanding knowledge
to forum · permalink · · 2007-03-30 11:35:30 · Reply to this
Forums » Up and Running » Security » Securityhow does brutus aet2 works? »
« Black Viper is back! Yes,  

Sunday, 06-Dec 01:51:08 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [128] Comcast Makes NBC Universal Acquisition Official
· [123] The Bandwidth Hog Does Not Exist
· [105] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [85] FCC Ponders Moving From PSTN To IP Voice
· [82] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [75] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· False positive in Avast! or is it real? [Security]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· RG Firmware update to VDSL2 this morning [AT&T U-verse]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· First commercial tool to crack BitLocker arrives (Updated) [Security]
· How fast is your upstream internet connection? [General Questions]
· Is there any true cure for, or way to prevent, a hangover? [General Questions]