From owner-freebsd-stable Fri Aug 31 12:39:54 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from stuart.microshaft.org (ns1.microshaft.org [208.201.249.2])
    by hub.freebsd.org (Postfix) with ESMTP
    id A30AE37B407; Fri, 31 Aug 2001 12:39:46 -0700 (PDT)
Received: (from jono@localhost)
    by stuart.microshaft.org (8.9.3/8.9.3) id MAA42827;
    Fri, 31 Aug 2001 12:39:45 -0700 (PDT)
    (envelope-from jono)
Date: Fri, 31 Aug 2001 12:39:45 -0700
From: "Jon O ."
To: Not Going to Tell You
Cc: security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help.
Message-ID: <20010831123945.E42488@networkcommand.com>
Reply-To: "jono@networkcommand.com"
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: ; from luckywolf19@hotmail.com on Fri, Aug 31, 2001 at 07:33:51PM +0000
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I already have this ported to FreeBSD. It uses libpcap to watch for SYN
packets. The original is called cd00r.c and is available here:

http://www.phenoelit.de/fr/tools.html

My FreeBSD port is available if you send an email, I've got to dig it up...

On 31-Aug-2001, Not Going to Tell You wrote:
> Sorry for the blank e-mail.
>
> I have an idea, maybe you either know if it has already been done or you can
> help me write this software:
>
> What if I would scan 5 ports in a defined order, within a defined period of
> time on my remote box. A program on the box would recognize these 5 port
> scans as a "Key" from a remote user to open a port or to activate another
> software.
>
> Why would this be good?
> I could close all the ports on my box except those needed to provide a
> service (i.e. port 80), however, how can I remotely manage it? So then I would
> have to open an sshd port also. But this leads to a potential security
> problem when scanned by a hacker. So, what if I had a program that sent a
> type of "Key" to the box and the box recognized that the key sequence order
> was from me, then opened the sshd port. After I was finished with the sshd
> session, I would run another program to close the port behind me?
>
> Any thoughts and help are welcome.
>
> Lucky
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
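
The server-side check described in the quoted proposal (five ports, in a defined order, within a defined period), as an added example that is not part of this thread and is not code from cd00r.c or the FreeBSD port. The port numbers, the 10-second window, the table size and the function names are all constructed; capturing the SYNs (for instance with libpcap) and opening or closing the sshd port are left out.

```c
#include <stdint.h>
#include <string.h>

#define KNOCK_LEN    5
#define KNOCK_WINDOW 10   /* seconds allowed for the whole sequence (constructed) */
#define MAX_SRC      64   /* sources tracked mid-sequence (constructed) */

/* Constructed example key: five ports that must be hit in this order. */
static const uint16_t knock_key[KNOCK_LEN] = {7001, 8002, 9003, 7504, 8805};

struct knock_state {
    uint32_t src;      /* source IPv4 address, 0 = free slot */
    int      next;     /* index of the next expected port */
    long     started;  /* arrival time of the first correct knock */
};
static struct knock_state table[MAX_SRC];

/* Find the slot for src, or claim a free one; NULL if full (fail closed). */
static struct knock_state *lookup(uint32_t src) {
    struct knock_state *free_slot = NULL;
    for (int i = 0; i < MAX_SRC; i++) {
        if (table[i].src == src) return &table[i];
        if (table[i].src == 0 && !free_slot) free_slot = &table[i];
    }
    if (free_slot) free_slot->src = src;   /* free slots are already zeroed */
    return free_slot;
}

/* Feed one observed SYN: source, destination port, arrival time in seconds.
 * Returns 1 when this SYN completes the key in order and in time, else 0. */
int knock_observe(uint32_t src, uint16_t dport, long now) {
    struct knock_state *s;
    if (src == 0 || !(s = lookup(src))) return 0;
    if (s->next > 0 && now - s->started > KNOCK_WINDOW) s->next = 0; /* too slow */
    if (dport != knock_key[s->next]) s->next = 0;   /* wrong port: lose progress */
    if (dport == knock_key[s->next]) {     /* expected port, or a fresh first knock */
        if (s->next == 0) s->started = now;
        s->next++;
    }
    int done = (s->next == KNOCK_LEN);
    /* Keep state only for sources mid-sequence, so scan noise cannot fill the table. */
    if (done || s->next == 0) memset(s, 0, sizeof *s);
    return done;
}

int main(void) {   /* constructed demo: one source knocks in order, 1 s apart */
    int opened = 0;
    for (int i = 0; i < KNOCK_LEN; i++)
        opened = knock_observe(0x0a000001u, knock_key[i], 100 + i);
    return opened ? 0 : 1;
}
```

A fixed sequence like this can be replayed by anyone who can observe the traffic, so it reduces exposure of sshd to scans rather than replacing sshd's own authentication.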