Firewall Wizards mailing list archives
RE: OT: port knocking.. getting there
From: "Ben Nagy" <ben () iagu net>
Date: Mon, 21 Jun 2004 09:37:54 +0200
Only on slashdot would this kind of rubbish get any airtime. The ONLY thing port knocking is any good for is people that want to write malware which will not easily be detected by network admins. If I genuinely want to secure a host, or use 'dynamic' firewall rules there are half a dozen better solutions.

Not only is the concept stupid, but I looked at the guy's thesis for five seconds and his crypto is totally broken - there is a trivial known plaintext attack to recover the secret password if you can intercept knocks on the wire.

The plaintext is [IP addr][port][action] for 4 + 2 + 1 bytes each. The last byte is pad - which is cunningly hardwired to null. The IP address makes up 4 bytes of a 7 byte plaintext (which is already small enough to brute force) and the IP address will be that of the knocking host.

Wait, it gets worse! The "action" byte is basically "open" or "close" and the port bytes don't quite use the full 2^16 range. In other words I need to brute force a little less than 17 bits. This is only challenging if I want to make like ET and do it with a reprogrammed Speak N Spell.

It's bad enough I have to endure this on /. Someone buy the guy a copy of Applied Cryptography and let's move on.

ben
-----Original Message-----
[...]
http://bsd.slashdot.org/article.pl?sid=04/06/18/0617244&mode=thread&tid=122&tid=126&tid=172&tid=185&tid=190

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- OT: port knocking.. getting there Gadi Evron (Jun 18)
- RE: OT: port knocking.. getting there Ben Nagy (Jun 21)