new match extension to implement port knocking in one rule
Rennie deGraaf
degraaf at cpsc.ucalgary.ca
Wed Oct 11 07:33:15 CEST 2006
federikkom wrote:
> Hi everybody, we have been working in a netfilter extension to implement port knocking in a easy way. The idea is to set everything in just one iptables rule:
>
<snip>
If you're interested in port knocking, you might want to read this
paper: http://www.acsac.org/2005/abstracts/156.html It covers security
issues relating to port knocking in detail, and presents an architecture
for solving most of them.
Full disclosure: I wrote that paper. Feel free to contact me if you
have questions.
Rennie deGraaf
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : /pipermail/netfilter-devel/attachments/20061011/1dc9dde6/signature.pgp
More information about the netfilter-devel
mailing list