 From:  Tim Nelson <tnelson at rockbochs dot com>
 To:  Mono Wall list <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Possible Future Feature Inclusion?!?
 Date:  Mon, 16 Oct 2006 12:51:42 -0500
A relatively new authentication method that has been keeping my 
attention for some time now is port knocking. Essentially, a firewall 
would keep a port closed until it sees a predefined set of traffic. For 
example: I want to access port 22 forwarded to my webserver behind a 
monowall. To open port 22, I must first "knock" by accessing other 
closed ports such as UDP 9876 and TCP 3349. Once the firewall sees these 
ports "knocked", it allows access from my IP to port 22.

A finer explanation can be found at: http://www.portknocking.org or 
http://en.wikipedia.org/wiki/Port_knocking

In my wanderings on this method, it *appears* it would be 
relatively easy to implement with monowall. Is there a possibility this 
could be added to a future release? It would be great to see! Maybe it 
belongs with pfSense instead?

What do you all think?

-- 
Tim Nelson
Technical Consultant
Rockbochs Inc.
(218)727-4332
http://www.rockbochs.com
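
The knock logic described in the message above, as an added example that is not part of the original post and is not m0n0wall or pfSense code: a per-source state machine replayed over constructed packets. The knock ports and port 22 come from the message; the `KnockGate` name, both timers and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = [("udp", 9876), ("tcp", 3349)]  # knock order from the message
PROTECTED = ("tcp", 22)                          # port opened by a valid knock
KNOCK_WINDOW = 10.0  # max seconds between consecutive knocks (assumed)
GRANT_TTL = 30.0     # seconds the port stays open for that source (assumed)

@dataclass
class KnockGate:  # hypothetical name
    progress: dict = field(default_factory=dict)  # src -> (next index, last knock time)
    grants: dict = field(default_factory=dict)    # src -> time the grant expires
    def packet(self, ts, src, proto, dport):
        # Returns True if the packet is passed, False if it is dropped.
        if (proto, dport) == PROTECTED:
            return self.grants.get(src, 0.0) > ts
        idx, last = self.progress.get(src, (0, ts))
        if ts - last > KNOCK_WINDOW:
            idx = 0  # stale partial sequence: start over
        if (proto, dport) == KNOCK_SEQUENCE[idx]:
            idx += 1
        elif (proto, dport) == KNOCK_SEQUENCE[0]:
            idx = 1  # out-of-order first knock restarts the sequence
        else:
            idx = 0  # any other closed port resets progress, so a port scan never completes it
        if idx == len(KNOCK_SEQUENCE):
            self.grants[src], idx = ts + GRANT_TTL, 0  # open only for this source IP
        if idx:
            self.progress[src] = (idx, ts)
        else:
            self.progress.pop(src, None)  # keep no state for sources with no progress
        return False  # the knock ports themselves always stay closed

def replay(packets):
    gate = KnockGate()
    return [gate.packet(*p) for p in packets]

# Constructed sample traffic: (timestamp, source, protocol, destination port)
SAMPLE = [
    (0.0, "198.51.100.7", "tcp", 22),    # no knock yet: dropped
    (1.0, "198.51.100.7", "udp", 9876),  # knock 1
    (2.0, "198.51.100.7", "tcp", 3349),  # knock 2 completes the sequence
    (3.0, "198.51.100.7", "tcp", 22),    # passed
    (4.0, "203.0.113.9", "udp", 9876),   # second source, knock 1
    (20.0, "203.0.113.9", "tcp", 3349),  # knock 2 arrives after the window
    (21.0, "203.0.113.9", "tcp", 22),    # dropped
    (40.0, "198.51.100.7", "tcp", 22),   # grant has expired: dropped
]
if __name__ == "__main__":
    print(list(zip(SAMPLE, replay(SAMPLE))))
```

The sequence is sent in the clear, so anyone who can observe the traffic can replay it; the gate narrows exposure of the service behind it and does not replace that service's own authentication.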