RE: Reflexive firewalls?

[<benoni.martin () accenture com>]

Hi !

This seem to be port-knocking, but in a very simple way !

Check out tools as cd00r, SAd00r, doorman, CÖK, pasmal, fwknop, ...

And yep, it is feasible with iptables, but you will need a small script (perl/sh/...) to open the ssh port after the 
telnet knock ...

HTH !

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Danilo Chilene
Sent: jeudi 27 décembre 2007 19:03
To: Ong Chin Kiat
Cc: security-basics () securityfocus com
Subject: Re: Reflexive firewalls?

I know how do this with PF.

Don't have any idea with iptables. :(

Ong Chin Kiat wrote:
> Hi list,
>
> I've recently used an SSH server that had an interesting
> authentication mechanism. You first had to telnet to the machine on a
> certain port. After doing this (it will just time out - no prompt),
> you then SSH to the server in question. The telnet step has to be
> carried out, if not SSH will just time out.
>
> My question is, is this called reflexive firewalling, and can I
> duplicate this with iptables?
>
> Thanks.

-- 
Danilo F. Chilene

Especialista SO

Global Crossing Limited

Tel.: (55 11) 3957-2945

Cel.: (55 11) 8231-1851

danilo.chilene () globalcrossing com

 
www.globalcrossing.com

 

Att,



This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private 
information.  If you have received it in error, please notify the sender immediately and delete the original.  Any 
other use of the email by you is prohibited.