
Thread: A fancy firewall that requires authentication

  1. #1
    penguin_to_bits
    Guest

    A fancy firewall that requires authentication

    Is there any firewall that does something like the following:

    * You portscan the IP address, but everything comes back as filtered.
    * You send a certain "authentication" packet to the IP address, and when the firewall receives this packet, it adds the originating IP address to its "safe list".
    * Now you portscan the IP address again and you see all the open ports.

    Basically, it would be a system whereby the machine only responds to safe IP addresses, and ignores traffic from all other machines.

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    I believe that is the basis of port knocking, however I may be wrong.

  3. #3
    Barry
    My life is this forum
    Join Date
    Jan 2010
    Posts
    3,817

    Quote Originally Posted by pureh@te View Post
    I believe that is the basis of port knocking, however I may be wrong.
    Yea, that sounds a lot like port knocking.

    http://www.portknocking.org/
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  4. #4
    penguin_to_bits
    Guest

    Quote Originally Posted by pureh@te View Post
    I believe that is the basis of port knocking, however I may be wrong.
    Portscanning, and thus portknocking, work with TCP and UDP, which are Layer 4, Transport Layer protocols.

    I was thinking of working at a lower layer, i.e. at IP. Basically, the computer in question would ignore all IP packets unless the source address is listed in a "safe list". A foreign machine could add itself to the safe list by sending some sort of authentication packet to the server.

    This way, the server wouldn't even respond to a ping unless the foreign machine is in its safe list. Any would-be attackers wouldn't even know that the computer exists or is turned on.

    (And yes, I realise I won't be able to use NAT and PAT if I work with something lower than Layer 4).

    For now though I think I'll read up on portknocking.

  5. #5
    hhmatt
    Very good friend of the forum
    Join Date
    Jan 2010
    Posts
    660


    http://en.wikipedia.org/wiki/OSI_model

    Add this to your list of reading also.
