Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: [Dailydave] Sending remote procedure calls through e-mail(RPC-Mail)
From: Frank Knobbe (frankknobbe.us)
Date: Wed Oct 20 2004 - 14:53:53 CDT
On Wed, 2004-10-20 at 14:33, John Bryson wrote:
> With a trivial port knocking scheme, I would have to agree.
> But, I disagree that its easy for a worm to do this, unless your port
> knocking scheme was trivial like 'hit port 55 then 5'.
My point was that it does not protect public services from worms --
services that need to be accessed by anyone, without knowledge of
passwords or port-knocking sequence.
The statement "port-knocking protects you from worm attacks" is flawed.
While it may veil and protect private services, so do many other
mechanism (like IPSec tunnels, or my favorite, SSH).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
-----END PGP SIGNATURE-----
Dailydave mailing list