Subject: Re: port-knocking (was: Re: Autoblocking sites after ssh probes)
To: Klaus Heinz <k.heinz.jan.fuenf@onlinehome.de>
From: =?ISO-8859-1?Q?Timo_Sch=F6ler?= <eclipser23@web.de>
List: current-users
Date: 01/29/2005 10:43:06
>> consider inverting the behaviour of your log-watcher. Use something
>> like the port-knocking technique to open temporary access to the ssh
>
> Can anyone recommend software for port-knocking? There are several
> implementations, many using iptables. So far, there seems to be no
> package in pkgsrc and I wouldn't want to waste time trying many/all
> of them.
for the records: there was a review in the german iX magazine in=20
september 2003:
Joachim Baumann, Christian Hirzel, Markus Stoll
Doppelt gen=E4ht
SSH-Zug=E4nge durch PGP und TCP-Wrapper sicherer machen
praxis
iX 9/03, Seite 102
i'll send you another mail privately as i guess you speak german ;)
regards & hth,
--=20
mit vorz=FCglichster Hochachtung/best regards,
Timo Sch=F6ler
//macfinity -- finest IT services | Triftstrasse 39 | 13353 Berlin |=20
Germany
Fon ++49 30 25 20 30 20 | Fax ++49 30 25 20 30 19
PGP data http://www.macfinity.net/~tis/contact/PGPPKB_timo.schoeler.txt