|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [Dailydave] Sending remote procedure calls through e-mail(RPC-Mail)
From: Frank Knobbe (frank
knobbe.us)
Date: Wed Oct 20 2004 - 14:53:53 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 2004-10-20 at 14:33, John Bryson wrote:
> With a trivial port knocking scheme, I would have to agree.
> But, I disagree that its easy for a worm to do this, unless your port
> knocking scheme was trivial like 'hit port 55 then 5'.
My point was that it does not protect public services from worms --
services that need to be accessed by anyone, without knowledge of
passwords or port-knocking sequence.
The statement "port-knocking protects you from worm attacks" is flawed.
While it may veil and protect private services, so do many other
mechanism (like IPSec tunnels, or my favorite, SSH).
-Frank
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQBBdsJQJjGc5ftAw8wRAkNMAKD8QCmDhNRwqZwQFL5waveBuI92/gCeN1SY
j1UXZCs88x8pv8Ns+937v8k=
=szlU
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://www.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]