[SGVLUG] port knocking anyone?
James Neff
jneff at tethyshealth.com
Wed Jun 25 06:57:02 PDT 2008
I experimented with fwknop earlier this year and finally gave it up for
OpenVPN.
With the help of Michael Rash I wrote a fwknop client in Java that uses
GPG keys. I could not get the Crypt::CBC library to work for the
passphrase operation.
Anyone can have my code if they are interested in continuing it.
You can use it for any port, not just ssh.
--James
Claude Felizardo wrote:
> On Fri, Jun 13, 2008 at 5:17 PM, John Lowry <johnlowry at gmail.com> wrote:
>
>> I have used fwknop <http://www.cipherdyne.org/fwknop/> with great success
>> before. You block SSH connections by default and let fwknop open up the port
>> after a successful authentication.
>>
>
>
> John,
>
> Would you be willing to give a presentation on this? Do you use it
> for anything but ssh?
>
> I think I heard about this right after I gave my presentation last
> year and then forgot about it. My concern was that it required a
> special client and what if I didn't have my laptop with me. I'm
> paranoid enough that I wouldn't try this unless I trusted the admin,
> ie, not at a cyber cafe. Maybe on a friend's computer but I haven't
> had a need to do anything like that in ages. Maybe that's what USB
> sticks are for.
>
> As for my recent trip I was able to reproduce my old configuration before
> leaving and was able to push copies of most of my pics to my
> fileserver before flying home.
>
> claude
>
>