List Archive: gentoo-security
Headers:
To: gentoo-security@g.o
From: Kirk Hoganson <kirk2@...>
Subject: Re: [OT?] automatically firewalling off IPs
Date: Tue, 04 Oct 2005 14:30:16 -0600
boger said the following:
> Hello Kirk,
> 
> I'll appreciate it ;) 
> 
> Googling gives a lot of links to libpcap based port knockers, but I dislike the idea of always running in promiscuous mode. Also, "magic packet" is a sort of overkill for me, because I need access from random locations with different OSes, preferably without any additional tools.
> If the computer is untrusted, after logon I can change the knock sequence without leaving any keys behind. Even if the password gets compromised, it is not so dangerous in this scenario.
> 
> By iptables based I mean using ulog or ipq to forward packets to the knock daemon, thus it's undetectable from outside and can be very fast.
> 
> About a year ago I tested 5 or 6 port knockers but I didn't find any
> suitable for me. Some had terrible CPU usage on my machine,
> some did not have flexible enough configuration.
> 
> 
> KH> Yes, there are.  I use one for my work servers that is iptables based.
> KH> I don't have any links for you unfortunately but I have seen them.  If
> KH> you are really interested I can probably track down one I saw that used
> KH> iptables and was a combination style.  I also know of an open source
> KH> "magic packet" style that I could probably find a link for if you were
> KH> interested.
> 

It would appear that I was mistaken in thinking that the two I have used 
were iptables based.  Both are dependent upon libpcap.  I was briefly 
confused based on the way they have been integrated into the iptables 
firewall.  For what it is worth, my experiences with libpcap port 
knockers have been very favorable.  Sorry if that was a bit of a goose chase.
-- 
gentoo-security@g.o mailing list
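
The iptables-fed knock daemon discussed in the quoted message comes down to a per-source state machine over packet records. The following is an added example, not code from the thread or from any of the knockers mentioned; it assumes records arrive as iptables LOG-style lines with a timestamp, and the port sequence, time window and addresses are constructed.

```python
import re
# Assumed knock policy (hypothetical values, not from the thread).
SEQUENCE = (7000, 8000, 9000)  # TCP ports to hit, in order
WINDOW = 10.0                  # seconds allowed for the whole sequence
# SRC=/PROTO=/DPT= fields as the iptables LOG target writes them.
FIELDS = re.compile(r"\bSRC=(\S+).*?\bPROTO=TCP\b.*?\bDPT=(\d+)")

class KnockTracker:
    """Per-source progress: index of the next expected port and start time."""
    def __init__(self, sequence=SEQUENCE, window=WINDOW):
        self.sequence, self.window = sequence, window
        self.state = {}  # src -> (next_index, first_knock_time)
    def feed(self, ts, line):
        """Return the source IP if this line completes its sequence."""
        m = FIELDS.search(line)
        if not m:
            return None  # not a TCP packet record
        src, dpt = m.group(1), int(m.group(2))
        idx, start = self.state.pop(src, (0, ts))
        if idx and ts - start > self.window:
            idx, start = 0, ts  # too slow: progress expires
        if dpt == self.sequence[idx]:
            idx += 1
        else:  # wrong port: restart, counting it if it is the first port
            idx, start = int(dpt == self.sequence[0]), ts
        if idx == len(self.sequence):
            return src  # a daemon would add its allow rule here
        if idx:
            self.state[src] = (idx, start)
        return None

def _line(src, proto, dpt):  # builds one constructed LOG-style record
    return f"IN=eth0 OUT= SRC={src} DST=192.0.2.10 PROTO={proto} SPT=40000 DPT={dpt}"

SAMPLE = [  # constructed (seconds, line) events; documentation addresses
    (0.0, _line("203.0.113.7", "TCP", 7000)),
    (0.5, _line("198.51.100.9", "TCP", 7000)),
    (1.0, _line("203.0.113.7", "TCP", 8000)),
    (1.5, _line("198.51.100.9", "TCP", 9000)),    # out of order: reset
    (2.0, _line("203.0.113.7", "UDP", 9000)),     # not TCP: ignored
    (2.5, _line("203.0.113.7", "TCP", 9000)),     # completes the sequence
    (3.0, _line("198.51.100.20", "TCP", 7000)),
    (4.0, _line("198.51.100.20", "TCP", 8000)),
    (20.0, _line("198.51.100.20", "TCP", 9000)),  # past the window
]

def authorised(events):
    tracker = KnockTracker()
    return [ip for ts, rec in events if (ip := tracker.feed(ts, rec))]
```

Only the source that hits all three ports in order within the window is returned; the out-of-order and too-slow sources leave no state behind.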




Updated Oct 31, 2011

Summary: Archive of the gentoo-security mailing list.
