Novel security measures
25th February 2004
An article on SecurityFocus led me to this site about Port Knocking. Port Knocking is an interesting security technique in which a box sits online with no ports open to connections and awaits a specific sequence of connection attempts. A user wishing to connect to the box must first attempt to initiate connections to ports in a specific, secret order. Once they do, the box starts up the required service (such as an SSH daemon) on a designated port and allows the user to connect properly.
It’s a pretty neat trick, and one that may well start showing up in backdoors and trojans in the future. It reminds me of a couple of other novel firewall related tricks: invisible firewalls and firewalls that are effectively turned off.
More recent articles
- The Axios supply chain attack used individually targeted social engineering - 3rd April 2026
- Highlights from my conversation about agentic engineering on Lenny's Podcast - 2nd April 2026
- Mr. Chatterbox is a (weak) Victorian-era ethically trained model you can run on your own computer - 30th March 2026