[ previous ] [ next ] [ threads ]
 
 From:  Jason P Jones <jjones at integracon dot com>
 To:  Adam Nellemann <adam at nellemann dot nu>
 Cc:  m0n0wall List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Port Knocking?
 Date:  Sat, 07 Feb 2004 00:52:45 -0500
I would think that an excellent place for this in code- that would be
very usable, would be an option for VPN initialization. Could be an
option in setup for new VPN connections with a port sequence of the
user's choice (say a limit of 5 or so for the sequence) and possibly a
user definable time. Again, just a good option for this or some other
offshoot project. Everyone wants features, few want to code them or
worry over the size they add. This could probably be done in a few KB
though (an yes I wish I was the one with the time and ability to knock
it off).

Jason P Jones


On Sat, 2004-02-07 at 00:14, Adam Nellemann wrote:
> Nice idea, I like it!
> 
> It probably should be elaborated on a bit (as suggested in some of the 
> articles) to prevent easy detection of a "knock" taking place (a nice 
> alternative, which could also be elaborated on and/or combined with the 
> usual "knock": http://doorman.sourceforge.net)
> 
> I guess a "test" implementation could be done with no changes to 
> m0n0wall, simply by making a small daemon running on a machine recieving 
> syslog messages from m0n0wall and using http to make the changes to the 
> rules (assuming this can't be done more easily in other ways, such as 
> SNMP or..?)
> 
> Of course a usable implementation should either reside completely on 
> m0n0wall, or depend on a better way to monitor the filter log and change 
> the firewall rules from a local machine running the "knocker daemon".
> 
> Adam.
> 
> Don Gray wrote:
> 
> > Anyone read these articles?  Any ideas how to implement with m0n0wall/IPFilter? It's an
interesting concept.
> > 
> > http://slashdot.org/article.pl?sid=04/02/05/1834228&mode=thread&tid=126&tid=172
> > http://www.linuxjournal.com/article.php?sid=6811&mode=thread&order=0
> > http://www.portknocking.org/
> > 
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>