Date: Fri, 31 Aug 2001 20:00:28 +0000 From: "Not Going to Tell You" <luckywolf19@hotmail.com> To: anderson@centtech.com Cc: security@freebsd.org Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help. Message-ID: <F229QdSe9g4pXX50yki00001102@hotmail.com>
next in thread | raw e-mail | index | archive | help
First, I stated that the only port that would be open would be the port 80 http. And it is assumed that I would have already had a tight box with strict rules. But even tight boxes still show which ports are opened. As for guessing the key sequence..I doubt it, if the program was able to tell if port scanning was taking place. And do not for get the timer. As for sniffing, well 99.9% of all the hackers that I have seen come from the Internet where would they put the sniffer? Lucky >From: Eric Anderson <anderson@centtech.com> >Reply-To: anderson@centtech.com >To: Not Going to Tell You <luckywolf19@hotmail.com> >CC: security@freebsd.org >Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help. >Date: Fri, 31 Aug 2001 14:40:05 -0500 > >it wouldn't be too hard to randomly try these until you got the "key", >or even just sniff the traffic (assuming you have that access) and >replicate it.. this doesnt sound like a benefit to me.. good thinking, >but I'm not sure how it's different from having a nice and tight box >with strict ipfilter rules and/or tcpwrappers running.. > >Eric > > >Not Going to Tell You wrote: > > > > Sorry for the blank e-mail. > > > > I have an idea, maybe you either know if it is already been done or you >can > > help me write this software: > > > > What if I would scan 5 ports in a defined order, within a define period >of > > time on my remote box. A program on the box would recognize these 5 port > > scans as a "Key" from a remote user to open a port or to activate >another > > software. > > > > Why would this be good? > > I could close all the ports on my box except those needed to provide a > > service (i.e. port 80), however, how can I remote manage it? So then I >would > > have to open a sshd port also. But this leads to a potential security > > problem when scanned by a hacker. So, what if I had a program that sent >a > > type of "Key" to the box and the box recognized that the key sequence >order > > was from me, then opened the sshd port. After I was finished with the >sshd > > session, I would run another program to close the port behind me? > > > > Any thoughts and help is welcomed. > > > > Lucky > > > > _________________________________________________________________ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > >-- >------------------------------------------------------------------------------- >Eric Anderson anderson@centtech.com Centaur Technology (512) >418-5792 >Truth is more marvelous than mystery. >------------------------------------------------------------------------------- > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F229QdSe9g4pXX50yki00001102>