[SGVLUG] security tools

Claude Felizardo cafelizardo at gmail.com
Wed Dec 5 15:05:02 PST 2007


On Dec 4, 2007 11:27 AM, John Lowry <johnlowry at gmail.com> wrote:

[snip]

> I use fwknop on my SSH bastion host. A network scan looking for anything
> on that machine will see that everything is filtered. When I want to
> connect I use the fwknop client to open up SSH to only my IP for 10
> minutes and allow pre-existing conditions to stay open so when the
> firewall drops down after 10 minutes, my connection stays open. So even
> if there is a new exploit out for OpenSSH I am not stressed about
> attacks from external attackers.

I gave a mini presentation on the basic concepts of port knocking not
too long ago and had just heard about fwknop but didn't get a chance
to try it out.  Would you, or the original poster, be  willing to give
a short presentation on these tools?

Hey, does anyone know of a fwknop client written in Java?  Actually I
just want something that will run on my cell phone (windoze mobile
unfortunately) so i can connect to my Linux box at home.  I'm still
using the simple port knocking scheme I demonstrated back in April but
I've been hoping to find something that's ready to go that addresses
some of the short comings we discussed.

claude


More information about the SGVLUG mailing list