Forgot your password?

Close
typodupeerror
1463241 story spacer spacer spacer

Going Beyond Port Knocking; Single Packet Access 23

Posted by Hemos
from the interesting-ideas dept.
michaelrash writes "I have just released a new version of fwknop that implements a single-packet authorization scheme using libpcap (similar to what Simple Nomad has proposed for the upcoming BlackHat Briefings). Fwknop has made Slashdot once before as the first tool that combines port knocking and passive OS fingerprinting. However, this new single-packet method has many advantages over port knocking, including non-replayable messages, much more data can be sent (including complete commands), an attacker cannot break sequences simply by connecting to spurious ports on the target, and more. By using Netfilter to intercept packets within the kernel, anyone scanning for a service protected by this method cannot even talk directly to the IP stack without being authorized; that makes even 0-day exploits largely toothless."
This discussion has been archived. No new comments can be posted.

Going Beyond Port Knocking; Single Packet Access More Login

Going Beyond Port Knocking; Single Packet Access

Comments Filter:
  • All
  • Insightful
  • Informative
  • Interesting
  • Funny
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.