Posted by: Anonymous Coward
on August 11, 2004 05:49 PM
I thought that the main point of port knocking is to not reveal whether the machine is switched on, in which case you don't want to send out an ICMP_PORT_UNREACH message.
Is it easy to write a script that receives UDP packets without revealing whether the machine is there or not? If it is, then that sounds like a better solution than port knocking.
Ideally you wouldn't just open the port when the secret signal is received, as you might get randomly port-scanned at just that moment.
use of UDP