Simon Willison’s Weblog

Subscribe

Novel security measures

An article on SecurityFocus led me to this site about Port Knocking. Port Knocking is an interesting security technique in which a box sits online with no ports open to connections and awaits a specific sequence of connection attempts. A user wishing to connect to the box must first attempt to initiate connections to ports in a specific, secret order. Once they do, the box starts up the required service (such as an SSH daemon) on a designated port and allows the user to connect properly.

It’s a pretty neat trick, and one that may well start showing up in backdoors and trojans in the future. It reminds me of a couple of other novel firewall related tricks: invisible firewalls and firewalls that are effectively turned off.

This is Novel security measures by Simon Willison, posted on 25th February 2004.

Next: Crap marketing sites

Previous: Grey Tuesday

Previously hosted at http://simon.incutio.com/archive/2004/02/25/novel