RE: Open Ports

  • From: "Geldrop, Paul van" <paul.van.geldrop@xxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 19 Jan 2006 22:29:17 +0100

Aye, it has both good and bad applications. Dormant backdoors and the works. 
Whether something is 'good' or 'bad', however, in my opinion, depends on the 
intent.
Portscanning is generally also considered to be a 'bad thing', but it still has 
its uses in, say, checking your network security baseline.

________________________________

From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thu 19-1-2006 22:24
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Open Ports



http://www.ISAserver.org

"port knocking" as understood by the majority of the security community *is* 
malicious.


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: Geldrop, Paul van [mailto:paul.van.geldrop@xxxxxxxxxxxxx]
Sent: Thursday, January 19, 2006 12:08
To: [ISAserver.org Discussion List]
Subject: RE: [isalist] RE: Open Ports

True. However, with the assumption that a) you actually own the system and b) 
you want to use the port-knocking mechanism (therefore making it wanted code), 
the concept isn't bogus.
My intention is to have a go at it on my testing environment, just because it'd 
be fun to try. :P I wouldn't dream of even mentioning the concept at a customer.
As far as 'owning the machine', I can imagine you're also referring to the fact 
I don't 'own' the ISA server's internals. True. Combining an ISA server as 
back-end with, say, a UNIX machine in front with port-knocking on it, however, 
would solve that problem. I'm also aware there are plenty of progs available to 
do that for me, but, ah hell, I like playing around with code at times. ;)


________________________________

From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thu 19-1-2006 20:56
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Open Ports




The basic idea behind port-knocking is that you have installed an agent that 
can control your (local or remote) firewall policies. If you've accomplished 
the task of installing unwanted code on a machine that you don't (actually) 
own, you're wasting time simply dorking about with firewall policies.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------






