On Mon, 2004-03-22 at 11:37, Erich Titl wrote:
> >> > Port Knocking to trigger remote vpn/ssh access
> >> ?
> >>
> >
> >I'm referring to the method of accessing closed external ports using a
> >predefined sequence of connection attempts across one or more ports. As
> >described in the Jun 2003 SysAdmin article, "The log is monitored for
> >specific port sequences that encode information used to modify firewall
> >rules, which are changed to open or close ports for a specific IP
> >address." I'm certain this will be possible using LEAF.
>
> Sure, if you port the software.
> I'd rather use a monitoring channel through an IPSEC connection to the firewall, or
> allow access through ssh using RSA.
>
> my 0.02
>
There is no software to port, so far as I can tell. The log monitoring and rule setting is all done via an external Perl script. Routing daemons continue to function as they have. They'll just be told to re-read their configuration files when it's time to open a specific port to a specific IP address for the specified duration.

You may want to read the article I cited if you can lay your hands on a copy of the SysAdmin mag. It's a pretty clever method, adding another valuable tool to the network manager's belt.

The premise behind port knocking is that external ports remain closed. An open port is vulnerable to port scans. Once an open port is identified, a DOS (or other) attack can be launched. Without a port to scan, the likelihood of a DOS attack is dramatically diminished. With port knocking, the port is opened to the specified IP address only when connection attempts to the correct combination of ports in the correct sequence and timing are received, with optionally encrypted payloads. When it's time to make the connection, you can still use IPSEC authentication and encryption.

Thanks for the comments!

--Cal Webster

-------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
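As an added illustration of the log-monitoring side Cal describes (this is not the Perl script from the thread or the SysAdmin article), here is a Python sketch: it reads constructed firewall log lines, tracks each source address's progress through an assumed knock sequence within a timing window, and produces the iptables commands that would open, and later close, the port for that address only. The knock ports, the window, the log format and the opened port are all assumptions.

```python
import re
# Constructed log lines (epoch secs, source IP, dest port); the format is an assumption.
SAMPLE_LOG = """\
1080000001 DROP SRC=203.0.113.5 DPT=7000
1080000002 DROP SRC=203.0.113.5 DPT=8000
1080000002 DROP SRC=198.51.100.9 DPT=7000
1080000003 DROP SRC=203.0.113.5 DPT=9000
1080000003 DROP SRC=198.51.100.9 DPT=9000
1080000010 DROP SRC=192.0.2.77 DPT=7000
1080000030 DROP SRC=192.0.2.77 DPT=8000
"""
KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret knock sequence
KNOCK_WINDOW = 10.0                  # seconds allowed for the whole sequence
OPEN_PORT, OPEN_DURATION = 22, 60    # port to open for the knocker, and for how long
LOG_RE = re.compile(r"^(?P<ts>\d+) DROP SRC=(?P<src>[\d.]+) DPT=(?P<dpt>\d+)")
def parse_line(line):
    """Return (timestamp, source_ip, dest_port), or None for lines that are not drops."""
    m = LOG_RE.match(line)
    return (float(m["ts"]), m["src"], int(m["dpt"])) if m else None

def find_knocks(lines, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW):
    """Return [(source_ip, completion_time)] for every correctly timed full sequence."""
    progress, completed = {}, []  # progress: source ip -> (ports matched, first-knock time)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, src, dpt = parsed
        matched, start = progress.get(src, (0, ts))
        if matched and ts - start > window:  # too slow: the attempt is void
            matched = 0
        if dpt != sequence[matched]:         # wrong port voids it; it may start a new one
            matched = 0
        if dpt == sequence[matched]:
            start = ts if matched == 0 else start
            matched += 1
        if matched == len(sequence):
            completed.append((src, ts))
            matched = 0
        progress[src] = (matched, start)
    return completed

def firewall_rules(completed, port=OPEN_PORT, duration=OPEN_DURATION):
    """iptables commands the monitor would hand to the firewall (returned, not executed)."""
    cmds = []
    for src, ts in completed:
        rule = f"INPUT -s {src} -p tcp --dport {port} -j ACCEPT"
        cmds.append(f"iptables -I {rule}")                          # open for this IP only
        cmds.append(f"# at t={ts + duration:.0f}: iptables -D {rule}")  # scheduled close
    return cmds
```

Only 203.0.113.5 completes the sequence in the sample: 198.51.100.9 knocks in the wrong order and 192.0.2.77 exceeds the window, and a sequential port scan resets the state on the first unexpected port, which is the property Cal relies on.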
