Gentoo Archives: gentoo-security

From: Kirk Hoganson <kirk2@×××××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Tue, 04 Oct 2005 17:16:04
Message-Id: 4342B8DE.1010206@lenderlab.com
In Reply to: Re: [gentoo-security] [OT?] automatically firewalling off IPs by boger
Yes, there are. I use one for my work servers that is iptables based.
I don't have any links for you unfortunately but I have seen them. If
you are really interested I can probably track down one I saw that used
iptables and was a combination style. I also know of an open source
"magic packet" style that I could probably find a link for if you were
interested.

boger said the following:
> Hello Kirk,
> Is there an IPtables based port knocker?
> I dislike the idea of opening ports for this purpose because they can be distinguished in some way.
> Promiscuous mode port knockers consume a lot of processor and
> I don't think it's good for a production server.
>
> KH> A port knocker of some sort is a much more secure solution that will
> KH> allow you to block all unwanted IPs but still allow for dynamic
> KH> addresses. There are port knockers that listen on various ports and
> KH> work like a combination lock to open the port, and there are others that
> KH> use a more secure one time pad "magic packet" kind of authentication to
> KH> open the port for your IP. It is more work to set up, but it is more
> KH> secure than just changing the port. Remember a few years ago when ssh
> KH> had a remote exploit? You probably shouldn't leave that port open.
>
--
gentoo-security@g.o mailing list
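The "combination style" iptables knocker Kirk refers to can be built entirely from the kernel's `recent` match, with no userspace daemon and no sniffing in promiscuous mode. The script below is an added example and is not code from this thread or from any project it mentions. Everything in it is a constructed assumption: the knock sequence 7000, 8000, 9000, the protected service on TCP 22, a 10-second window between knocks, a 30-second window to connect after the last knock, and a dedicated `KNOCKING` chain reached from `INPUT`. It prints the rules rather than applying them, so they can be reviewed first; set `APPLY=1` (as root) to load them.

```shell
#!/bin/sh
# Combination-lock port knocking built on iptables' "recent" match.
# Added example, not from the thread. All values below are constructed
# assumptions and can be overridden from the environment.
KNOCK_PORTS="${KNOCK_PORTS:-7000 8000 9000}"   # knock sequence, in order
SERVICE_PORT="${SERVICE_PORT:-22}"             # port unlocked by the sequence
KNOCK_WINDOW="${KNOCK_WINDOW:-10}"             # seconds allowed between knocks
OPEN_WINDOW="${OPEN_WINDOW:-30}"               # seconds to connect after last knock
IPT="${IPT:-iptables}"                         # iptables binary

# knock_rules prints one iptables command per line and applies nothing,
# so the rule set can be reviewed or diffed before it touches a live host.
knock_rules() {
    set -- $KNOCK_PORTS          # positional parameters = knock sequence
    n=$#
    echo "$IPT -N KNOCKING"
    echo "$IPT -N PASSED"
    i=1
    while [ "$i" -le "$n" ]; do
        echo "$IPT -N GATE$i"
        i=$((i + 1))
    done

    # GATE1: the first correct knock records the source address in list AUTH1.
    # Every knock is DROPped, so a scanner sees a closed host either way.
    echo "$IPT -A GATE1 -p tcp --dport $1 -m recent --name AUTH1 --set -j DROP"
    echo "$IPT -A GATE1 -j DROP"

    # GATEi (i > 1): clear the previous stage, advance on the right port,
    # and send anything else back to GATE1 (a wrong knock resets the lock).
    i=2
    while [ "$i" -le "$n" ]; do
        prev=$((i - 1))
        eval "port=\$$i"
        echo "$IPT -A GATE$i -m recent --name AUTH$prev --remove"
        echo "$IPT -A GATE$i -p tcp --dport $port -m recent --name AUTH$i --set -j DROP"
        echo "$IPT -A GATE$i -j GATE1"
        i=$((i + 1))
    done

    # PASSED: after the full sequence, a single SYN to the service port is
    # accepted for that source; the state is consumed, so the sequence has to
    # be repeated for the next connection (established flows pass via conntrack).
    echo "$IPT -A PASSED -m recent --name AUTH$n --remove"
    echo "$IPT -A PASSED -p tcp --dport $SERVICE_PORT -j ACCEPT"
    echo "$IPT -A PASSED -j GATE1"

    # KNOCKING: dispatch on the most advanced recent state, checked newest first,
    # so a source can only move forward one stage per packet.
    echo "$IPT -A KNOCKING -m recent --rcheck --seconds $OPEN_WINDOW --name AUTH$n -j PASSED"
    i=$((n - 1))
    while [ "$i" -ge 1 ]; do
        echo "$IPT -A KNOCKING -m recent --rcheck --seconds $KNOCK_WINDOW --name AUTH$i -j GATE$((i + 1))"
        i=$((i - 1))
    done
    echo "$IPT -A KNOCKING -j GATE1"

    # Hook into INPUT: existing flows are accepted first, new TCP goes to the lock.
    # Only TCP is handled here; other traffic falls through to the chain policy.
    echo "$IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "$IPT -A INPUT -p tcp -m conntrack --ctstate NEW -j KNOCKING"
}

# Apply only when explicitly requested (needs root); otherwise just print.
if [ "${APPLY:-0}" = "1" ]; then
    knock_rules | sh -e
else
    knock_rules
fi
```

Two points worth keeping in mind when deploying a lock like this: the `recent` lists are keyed by source address only, so it must be paired with an `INPUT` policy of `DROP` to mean anything, and the knock sequence itself travels in the clear, which is exactly the weakness the one-time "magic packet" schemes mentioned in the thread are meant to remove.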

Replies:

- Re: [gentoo-security] [OT?] automatically firewalling off IPs, by boger <boger@×××.ru>
- [gentoo-security] Port knocking, by Tobias Sager <moixa@×××.ch>