[Melbourne-pm] Knockd for Web

Scott Penrose scottp at dd.com.au
Tue Jun 2 19:57:51 PDT 2009

----- "Sam Watkins" <sam at nipl.net> wrote:

> People at your ISPs could still pretend to be you after you have knocked
> by spoofing IP addresses, so it's important of course to use crypto
> after that too.

Yes, you must have as much security as you would normally have anyway.
For example, an SSH key and no root login is still a good idea.

But also, like all security, it is about context and opportunity. If I am in a cafe in Melbourne and port knock on my web site, yes, the cafe, the ISP and my ISP could see that sequence - all very low risk. I am not sure about you guys, but my attacks are not coming from Melbourne ISPs :-) So it still helps. And then of course all I am doing is opening a port which would otherwise have been open anyway, and still using normal login measures.

> I guess the advantage of knockd is that you can easily "knock" with a
> web browser or telnet or whatever; you don't need a special client which
> does crypto.  (but ssh/putty is very portable, and you'll most likely be
> needing it anyway)

Yes, so I imagine the scenario that I have my secure key with me (either an SSL key for HTTPS or an SSH key) on a key, I download putty, I open my port to the Internet cafe (just a silly example) - and now I have access to my server.



scottp at dd.com.au
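As an added illustration of the "knock with a web browser" scheme discussed in this thread (example code, not knockd's own and not from the list): a small state machine that watches the URL paths a source IP requests, and opens a short access window for that IP only once the full secret sequence arrives in order and in time. The sequence, timeouts and addresses are assumed for illustration; as the thread notes, anyone on the path can see the knock, so the opened port still needs its normal login protection.

```python
import time

# Assumed secret knock: three URL paths that must be requested in this order.
KNOCK_SEQUENCE = ["/k/7311", "/k/2044", "/k/9157"]
STEP_TIMEOUT = 10.0   # seconds allowed between consecutive knocks
OPEN_WINDOW = 60.0    # seconds the port stays open for the knocking IP


class WebKnocker:
    """Tracks per-IP knock progress; grants a time-limited allow entry per IP."""

    def __init__(self, sequence=KNOCK_SEQUENCE,
                 step_timeout=STEP_TIMEOUT, open_window=OPEN_WINDOW):
        self.sequence = list(sequence)
        self.step_timeout = step_timeout
        self.open_window = open_window
        self._progress = {}    # ip -> (index of next expected knock, time of last knock)
        self._open_until = {}  # ip -> timestamp at which the window closes

    def knock(self, ip, path, now=None):
        """Feed one HTTP request path from `ip`; True when the sequence completes."""
        now = time.time() if now is None else now
        idx, last = self._progress.get(ip, (0, now))
        if now - last > self.step_timeout:
            idx = 0  # too slow between knocks: start the sequence over
        if path == self.sequence[idx]:
            idx += 1
        else:
            # Wrong knock resets; a correct first knock may restart immediately.
            idx = 1 if path == self.sequence[0] else 0
        if idx == len(self.sequence):
            self._progress.pop(ip, None)
            self._open_until[ip] = now + self.open_window  # only this IP is opened
            return True
        self._progress[ip] = (idx, now)
        return False

    def is_allowed(self, ip, now=None):
        """True while the knocking IP's access window is still open."""
        now = time.time() if now is None else now
        return self._open_until.get(ip, 0.0) > now
```

A real deployment would call `knock()` from the web server's request hook and consult `is_allowed()` from the firewall rule that fronts the SSH port, expiring entries the same way.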

