From: Kirk Hoganson <kirk2@lenderlab.com>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Tue, 04 Oct 2005 11:16:14 -0600 [thread overview]
Message-ID: <4342B8DE.1010206@lenderlab.com> (raw)
In-Reply-To: <366975610.20051004202554@ttk.ru>
Yes, there are. I use one for my work servers that is iptables based.
I don't have any links for you unfortunately but I have seen them. If
you are really interested I can probably track down one I saw that used
iptables and was a combination style. I also know of an open source
"magic packet" style that I could probably find a link for if you were
interested.
boger said the following:
> Hello Kirk,
> Is there IPtables based port knocker?
> I dislike idea opening ports for this purpose because they can be distinguished by some way.
> Promiscuous mode port knockers consume a lot of processor and
> I don't think it's good for production server.
>
> KH> A port knocker of some sort is a much more secure solution that will
> KH> allow you to block all unwanted IP's but still allow for dynamic
> KH> addresses. There are port knockers that listen on various ports and
> KH> work like a combination lock to open the port, and there are others that
> KH> use a more secure one time pad "magic packet" kind of authentication to
> KH> open the port for your IP. It is more work to setup, but it is more
> KH> secure than just changing the port. Remember a few years ago when ssh
> KH> had a remote exploit? You probably shouldn't leave that port open.
>
--
gentoo-security@gentoo.org mailing list
next prev parent reply other threads:[~2005-10-04 17:16 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-02 21:10 [gentoo-security] [OT?] automatically firewalling off IPs Jeremy Brake
2005-10-02 21:19 ` MaxieZ
2005-10-02 22:29 ` J Holder
2005-10-03 2:52 ` Brian Micek
2005-10-03 13:01 ` David vasil
2005-10-03 13:18 ` rpfc
2005-10-03 17:06 ` Kirk Hoganson
2005-10-04 16:25 ` boger
2005-10-04 17:16 ` Kirk Hoganson [this message]
2005-10-04 18:42 ` boger
2005-10-04 20:30 ` Kirk Hoganson
2005-10-04 20:42 ` boger
2005-10-04 19:45 ` [gentoo-security] Port knocking Tobias Sager
2005-10-04 20:20 ` boger
2005-10-02 21:24 ` [gentoo-security] [OT?] automatically firewalling off IPs Tad Glines
2005-10-02 22:53 ` Alex Efros
2005-10-02 23:02 ` Marc Risse
2005-10-06 1:40 ` Tad Glines
2005-10-06 8:13 ` Matan Peled
2005-10-06 9:15 ` William Kenworthy
2005-10-06 10:19 ` Matan Peled
2005-10-06 12:44 ` William Kenworthy
2005-10-06 21:02 ` Kirk Hoganson
2005-10-06 21:05 ` Brian Micek
2005-10-07 2:37 ` Tad Glines
2005-10-07 18:47 ` Eric Paynter
2005-10-08 13:40 ` RADDS Support Team
2005-10-02 21:33 ` DeadManMoving
2005-10-02 21:37 ` Hemmann, Volker Armin
2005-10-02 21:56 ` Alec Joseph Warner
2005-10-02 22:13 ` xyon
2005-10-02 21:53 ` Hassan El-Masri
2005-10-02 21:57 ` Andreas Waschbuesch
2005-10-02 22:20 ` darren kirby
2005-10-03 7:53 ` Christophe Garault
2005-10-03 8:29 ` Jerry Eastmanhouser
2005-10-03 10:58 ` Dave Strydom [i*]Group
2005-10-03 12:25 ` Oscar Carlsson
2005-10-03 13:29 ` Dan Shookowsky
2005-10-03 23:26 ` Jeremy Brake
2005-10-04 6:15 ` Joerg Mertin
2005-10-04 8:55 ` Dave Strydom
2005-10-04 14:45 ` Kyle Lutze
2005-10-04 14:49 ` Dave Strydom
2005-10-04 17:42 ` Kyle Lutze
2005-10-04 17:52 ` Neil Cherry
2005-10-05 16:46 ` Robert Larson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4342B8DE.1010206@lenderlab.com \
--to=kirk2@lenderlab.com \
--cc=gentoo-security@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox