Port knocking is a clever technique for hiding a service on a machine. No ports are open to the outside, but the firewall logs every connection attempt to a closed port, and a daemon watches those failures for a specific sequence of ports. If a remote host hits the right ports in the right order, the firewall opens a port (usually just to that host's address), and the remote machine can get in. The technique adds a meta-level to normal security measures, and turns failures into interesting information. The knock sequence is a shared secret sent in the clear, though: anyone who can sniff the traffic can replay it, so it is an extra layer in front of real authentication, not a replacement for it.
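The mechanism described above, as an added example that is not code from the original post or from any port-knocking daemon: a small monitor that reads firewall log lines, tracks each source address's progress through a knock sequence, and reports when a source completes it. The knock sequence, the protected port, and the iptables-style log lines are all constructed for this example.

```python
import re
from collections import defaultdict

# Knock sequence the monitor watches for (assumption: chosen for this example).
KNOCK_SEQUENCE = (7000, 8000, 9000)
# Port that gets opened to a successful knocker (assumption).
PROTECTED_PORT = 22

# Constructed sample log lines in the style of iptables LOG output for dropped
# packets; they are made up for this example, not taken from any real host.
# 198.51.100.7 knocks in the right order (interleaved with another host);
# 203.0.113.99 knocks out of order and must not get in.
SAMPLE_LOG = """\
Feb 27 22:41:01 gw kernel: IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40001 DPT=7000 SYN
Feb 27 22:41:02 gw kernel: IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40002 DPT=8000 SYN
Feb 27 22:41:03 gw kernel: IN=eth0 SRC=203.0.113.99 DST=203.0.113.5 PROTO=TCP SPT=51000 DPT=7000 SYN
Feb 27 22:41:03 gw kernel: IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40003 DPT=9000 SYN
Feb 27 22:41:05 gw kernel: IN=eth0 SRC=203.0.113.99 DST=203.0.113.5 PROTO=TCP SPT=51001 DPT=9000 SYN
Feb 27 22:41:06 gw kernel: IN=eth0 SRC=203.0.113.99 DST=203.0.113.5 PROTO=TCP SPT=51002 DPT=8000 SYN
"""

LINE_RE = re.compile(r"SRC=(?P<src>[\d.]+) .*?DPT=(?P<dpt>\d+)")


def parse_line(line):
    """Return (source_ip, destination_port) for a dropped-packet log line, else None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return m.group("src"), int(m.group("dpt"))


class KnockMonitor:
    """Per-source state machine: index of the next knock each source must hit."""

    def __init__(self, sequence=KNOCK_SEQUENCE, port=PROTECTED_PORT):
        self.sequence = tuple(sequence)
        self.port = port
        self.progress = defaultdict(int)  # src -> number of correct knocks so far

    def feed(self, line):
        """Consume one log line; return (src, port) if src just completed the sequence."""
        parsed = parse_line(line)
        if parsed is None:
            return None
        src, dpt = parsed
        expected = self.sequence[self.progress[src]]
        if dpt == expected:
            self.progress[src] += 1
        else:
            # Any wrong port resets the source; a hit on the first knock
            # counts as a fresh start rather than a dead end.
            self.progress[src] = 1 if dpt == self.sequence[0] else 0
        if self.progress[src] == len(self.sequence):
            self.progress[src] = 0
            # A real daemon would now add a firewall rule allowing src -> port.
            return (src, self.port)
        return None


def process_log(text):
    """Run the monitor over a log and return the list of (src, port) openings."""
    monitor = KnockMonitor()
    opened = []
    for line in text.splitlines():
        hit = monitor.feed(line)
        if hit is not None:
            opened.append(hit)
    return opened


if __name__ == "__main__":
    for src, port in process_log(SAMPLE_LOG):
        print(f"open port {port} to {src}")
```

Because the monitor keys state on the source address, a host behind a shared NAT opens the port for every other host behind that NAT, and because the sequence is fixed, anyone who captured the three SYNs can replay them. Successors such as single-packet authorization replace the static sequence with an encrypted, non-replayable message to address exactly that.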

tagged: security, networks   /   via: Simon Willison» 2 reactions

Comments

Brian Cantoni 10:41 PM on 27 Feb 2004

That's a clever solution. My ISP uses something similar called "POP-before-SMTP" authentication for the outgoing SMTP mail server. If you try to simply connect to the SMTP server, it will fail. But, if you check a valid POP account, you'll be authenticated to SMTP as well for a time period of 90 minutes or so.

Bob 12:02 PM on 28 Feb 2004

"POP before SMTP" is a common tactic for ISPs to avoid having their SMTP servers act as open relays. Another approach is just to use SMTP AUTH and require the client to authenticate (usually with the same account password used for POP).
