Id rather point you're interest at SPA (Single Packet Authentication) from one project I've worked on we found that a determined enough person eventually finds the knock sequence.
With SPA an encrypted payload is sent in one packet (almost impossible to find) to a random port (in our implimentation) and then the firewall rules are edited to only allow the source host access to whatever service. On Wed, Jan 7, 2009 at 10:42 PM, a b <[email protected]> wrote: >> New features...and while I've got your attention, >> what features do you think ipfilter needs that it >> does not yet have? > > Port knocking. I believe IPFilter would really benefit from this feature > for two reasons: > > 1. port knocking is obviously a useful security feature to have > 2. it will make IPFilter competitive with iptables. > > > ________________________________ > Invite your mail contacts to join your friends list with Windows Live > Spaces. It's easy! Try it! -- "Opportunity is most often missed by people because it is dressed in overalls and looks like work." Thomas Alva Edison - Inventor of 1093 patents, including the light bulb, phonogram and motion pictures.
