[Melbourne-pm] Knockd for Web

Daniel Pittman daniel at rimspace.net
Mon Jun 1 21:34:08 PDT 2009


Sam Watkins <sam at nipl.net> writes:
> On Tue, Jun 02, 2009 at 01:26:24PM +1000, Daniel Pittman wrote:
>
>> Using existing, well tested security mechanisms like SSL is almost
>> certainly going to beat out building your own.
>
> I would think that using existing systems together with your own will make
> it much more secure especially from automated attacks.

That really depends on your threat model.  To answer that you have to address
how it makes the system more secure, and what additional risks it introduces.

For example, the risk of a buffer overflow in knockd compared to the gain of
having an obscure, non-standard password verification before you can try to
verify identity with OpenSSH.

>> Finally, if you are in sufficient control of the destination system and
>> userbase to require port knocking you can almost certainly just use
>> client-side SSL certificates for authentication.
>>
>> Those provide zero-knowledge proof of possession over the Internet without
>> *any* reasonable risk of attack.
>
> of course if you are running windows (or using .desktop files!)

I agree with Toby: to assert the risks of .desktop files you need to prove
that there is a risk.

> you probably have 15 viruses and spyware programs harvesting your certs
> which you don't know about :p

I should have limited my statement to "...attack on the protocol."

Regards,
        Daniel