Novel security measures
25th February 2004
An article on SecurityFocus led me to this site about Port Knocking. Port Knocking is an interesting security technique in which a box sits online with no ports open to connections and awaits a specific sequence of connection attempts. A user wishing to connect to the box must first attempt to initiate connections to ports in a specific, secret order. Once they do, the box starts up the required service (such as an SSH daemon) on a designated port and allows the user to connect properly.
It’s a pretty neat trick, and one that may well start showing up in backdoors and trojans in the future. It reminds me of a couple of other novel firewall related tricks: invisible firewalls and firewalls that are effectively turned off.
More recent articles
- LLM 0.22, the annotated release notes - 17th February 2025
- Run LLMs on macOS using llm-mlx and Apple's MLX framework - 15th February 2025
- URL-addressable Pyodide Python environments - 13th February 2025