PDA

View Full Version : Port Knocking for Secure Access?



Peter-L
2012-05-29, 05:56
For those who are not aware what port knocking is.

Basically all ports are closed until a client connection is initiated, this client connection will try and connect on a specific sequence of closed port numbers eg, 80, 443, 9191, 10001, 8, etc Once this specific sequence is matched (by the fw monitoring dropped port attempts by a certain source) a designated port is opened to the client.

While this would require specific client software it would mean that an externaly there were no ports open for attack as the connection is essentially verified before its allowed through.

I was thinking that if you could derive the sequence from SecureID it would be a very secure method of connecting to a VPN and reducing attach surface?

Anyone have any thoughts?