11. ● Port Knocking
● Literally "door knocking"
● The technique is built on a predetermined sequence of packets sent to closed ports
● If the sequence is wrong, nothing (e.g. SSH access) is released
● Only the TCP/UDP header fields (the destination ports) carry the information; there is no payload
● Does not use encryption
15. ● Packets may arrive out of order, which breaks the sequence
● An attacker may be sending packets to random ports, breaking the sequence
● Susceptible to replay attacks
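The three weaknesses above can be seen in a few lines of code. The following is an added example, not material from the slides: a minimal per-source knock tracker fed with constructed packet records (source IP, destination port) in arrival order, the way a firewall log would show them. The knock sequence 7000, 8000, 9000 and the addresses are assumptions for the example.

```python
# Added example (not from the slides): a minimal port-knock tracker run over
# constructed packet records. Each record is (source_ip, destination_port) in
# arrival order, as a firewall log would show them.
from typing import Dict, List, Tuple

KNOCK_SEQUENCE = [7000, 8000, 9000]   # constructed knock sequence (assumption)
PROTECTED_PORT = 22                   # the port released by a correct knock


def run_knocks(packets: List[Tuple[str, int]],
               sequence: List[int] = KNOCK_SEQUENCE) -> Dict[str, int]:
    """Replay the packet records through a per-source knock state machine.

    Returns {source_ip: PROTECTED_PORT} for every source that completed the
    full sequence in order; sources that never completed it are absent.
    """
    progress: Dict[str, int] = {}   # source_ip -> number of correct knocks so far
    opened: Dict[str, int] = {}
    for src, port in packets:
        idx = progress.get(src, 0)
        if port == sequence[idx]:
            idx += 1                 # the next expected knock arrived
        elif port == sequence[0]:
            idx = 1                  # unexpected port, but it restarts the sequence
        else:
            idx = 0                  # any other port resets this source's progress
        if idx == len(sequence):
            opened[src] = PROTECTED_PORT
            idx = 0
        progress[src] = idx
    return opened


# Scenario 1: the knocks arrive in order -> access is released.
IN_ORDER = [("10.0.0.5", 7000), ("10.0.0.5", 8000), ("10.0.0.5", 9000)]

# Scenario 2: the network reorders the last two knocks -> sequence broken.
OUT_OF_ORDER = [("10.0.0.5", 7000), ("10.0.0.5", 9000), ("10.0.0.5", 8000)]

# Scenario 3: an unrelated packet from the same host lands between two knocks
# (a scanner or a misconfigured client, for instance) -> progress is reset.
STRAY_PACKET = [("10.0.0.5", 7000), ("10.0.0.5", 8000), ("10.0.0.5", 5555),
                ("10.0.0.5", 9000)]

# Scenario 4: the ports are plain header fields, so a recording of scenario 1
# sent again from a different address is indistinguishable from a genuine
# knock. This is the replay weakness the slide refers to.
REPLAYED = [("192.0.2.99", port) for _, port in IN_ORDER]


def summary() -> Dict[str, bool]:
    """Which scenarios end with the protected port released."""
    return {
        "in_order": bool(run_knocks(IN_ORDER)),
        "out_of_order": bool(run_knocks(OUT_OF_ORDER)),
        "stray_packet": bool(run_knocks(STRAY_PACKET)),
        "replayed": bool(run_knocks(REPLAYED)),
    }


if __name__ == "__main__":
    for name, released in summary().items():
        print(f"{name:14s} -> {'access released' if released else 'no access'}")
```

The tracker keeps one counter per source address, which is also how knock daemons commonly behave; the stray-packet scenario therefore shows a packet from the legitimate client's own address, since a packet from a third party would land in a different counter. The replayed scenario is accepted because the daemon has nothing but three port numbers to check, which is exactly the gap SPA closes in the following slides.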
18. ● SPA (Single Packet Authorization) is a technique based on Port Knocking
● SPA inherits the strengths of Port Knocking and addresses its major flaws
● The application that implements SPA is fwknop (FireWall KNock OPerator)
● fwknop is Free Software maintained by Michael Rash
● http://cipherdyne.org/fwknop/
19. ● Only one packet is sent
– Corrects the out-of-order delivery problem
● Uses the data field (payload) of the packet, not only the header
– Corrects the encryption problem: there is room for an encrypted message
● Creates a temporary rule in the firewall, allowing access only to the client
● The same packet cannot be used again within a predetermined time window (default 60 s)
– Corrects the replay attack problem
20. ● Ability to encrypt packets with keys
– Symmetric (Rijndael)
– Asymmetric (GPG + ElGamal)
● After deciphering, the IP address of the packet is compared with the IP address inside the encrypted content
● A block of random content is generated for each packet, so every encrypted packet is unique
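Slides 19 and 20 together describe one server-side check: authenticate the single packet, reject it if it was already seen inside the window, decrypt it, compare the embedded address with the packet's source, and only then open a temporary rule. The following is an added example, not fwknop's own code, that walks through that exchange with both the client and the gateway side. It uses only the Python standard library, so HMAC-SHA256 in counter mode stands in for Rijndael; the shared key, the addresses, the 30 s rule lifetime and the `open_ports` helper are assumptions of the example, while the 60 s replay window is the slide's default.

```python
# Added example (not fwknop's code): a single-packet authorization exchange
# between a client and a gateway, using only the Python standard library.
# Encryption here is HMAC-SHA256 in counter mode standing in for fwknop's
# Rijndael; the shared key and addresses are constructed for the example.
import hashlib
import hmac
import json
import os
from typing import Dict, List, Tuple

SHARED_KEY = b"constructed-shared-secret"   # assumption: pre-shared symmetric key
REPLAY_WINDOW = 60       # seconds a packet digest is remembered (slide default)
RULE_LIFETIME = 30       # seconds the temporary firewall rule stays open (assumption)
NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Deterministic keystream from (key, nonce); stand-in for a real cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def build_spa_packet(key: bytes, client_ip: str, open_port: int, now: float) -> bytes:
    """Client side: nonce || encrypt(ip, port, timestamp) || HMAC tag."""
    nonce = os.urandom(NONCE_LEN)   # random block per packet: no two packets are alike
    body = json.dumps({"ip": client_ip, "port": open_port, "ts": int(now)}).encode()
    ciphertext = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


class SpaGateway:
    """Server side: validates one packet and records a temporary firewall rule."""

    def __init__(self, key: bytes, window: int = REPLAY_WINDOW) -> None:
        self.key = key
        self.window = window
        self.seen: Dict[str, float] = {}                  # packet digest -> first seen
        self.rules: List[Tuple[str, int, float]] = []     # (client_ip, port, expires_at)

    def _expire(self, now: float) -> None:
        self.seen = {d: t for d, t in self.seen.items() if now - t <= self.window}
        self.rules = [r for r in self.rules if r[2] > now]

    def handle(self, packet: bytes, src_ip: str, now: float) -> str:
        """Returns a verdict string; only 'accepted' creates a rule."""
        self._expire(now)
        if len(packet) < NONCE_LEN + TAG_LEN:
            return "malformed"
        nonce = packet[:NONCE_LEN]
        ciphertext, tag = packet[NONCE_LEN:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, nonce + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"            # wrong key or tampered packet
        digest = hashlib.sha256(packet).hexdigest()
        if digest in self.seen:
            return "replay"             # same packet again inside the window
        self.seen[digest] = now
        plaintext = bytes(a ^ b for a, b in
                          zip(ciphertext, _keystream(self.key, nonce, len(ciphertext))))
        body = json.loads(plaintext)
        if abs(now - body["ts"]) > self.window:
            return "stale"              # older than the window: catches replay after cache expiry
        if body["ip"] != src_ip:
            return "ip-mismatch"        # decrypted address must match the packet's source
        self.rules.append((src_ip, body["port"], now + RULE_LIFETIME))
        return "accepted"

    def open_ports(self, now: float) -> List[Tuple[str, int]]:
        """Rules still in force at time `now`."""
        self._expire(now)
        return [(ip, port) for ip, port, _ in self.rules]


if __name__ == "__main__":
    t0 = 1_700_000_000.0
    gw = SpaGateway(SHARED_KEY)
    pkt = build_spa_packet(SHARED_KEY, "203.0.113.10", 22, t0)
    print(gw.handle(pkt, "203.0.113.10", t0 + 1))   # accepted
    print(gw.handle(pkt, "203.0.113.10", t0 + 2))   # replay
    print(gw.open_ports(t0 + 2))                     # [('203.0.113.10', 22)]
```

Two details are worth noticing. The digest cache alone would let a packet through again once its entry ages out after 60 s, so the embedded timestamp is checked as well; the two checks together cover both the short and the long replay case. And the source-address comparison is done on the decrypted content, so a packet captured and re-sent from another address fails even if it is fresh, which is the check slide 20 describes.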