Crackers and correlations
Gerald Combs
gerald at ethereal.com
Sat Oct 30 10:28:59 CDT 2004
Monty J. Harder wrote:
> The problem with that one is 'generally'. You never know when an ISP will
> change the IP range that you use in a location, and you also never know when
> you're going to be somewhere else and need to get in.
>
> It might be better to have an extra layer of security for an IP outside
> that range. For instance, you might have it challenge the user to enter
> some special password (or just su to root to run a command that validates
> the session) and if that fails, dump them before they can do anything else.
There's also "port knocking": http://www.portknocking.org/ . In order
for the firewall to open up port 22, you would have to send a special
sequence of packets, e.g. attempt to connect to a specific combination
of ports in a specific order.
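The firewall-side logic described above, as an added example that is not part of the original post or of any port-knocking project's code: a per-source state machine that opens port 22 only after the ports are hit in the right order within a time window. The knock sequence, the window, the `KnockTracker` and `replay` names and the sample events are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
# Assumed values for illustration; none of them come from the post.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # hypothetical secret port order
WINDOW_SECONDS = 10.0                # the whole sequence must finish in this window

@dataclass
class Progress:
    index: int      # number of knocks matched so far
    started: float  # timestamp of the first matching knock

class KnockTracker:
    def __init__(self, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
        self.sequence = tuple(sequence)
        self.window = window
        self.progress = {}    # source IP -> Progress
        self.allowed = set()  # sources for which port 22 would be opened

    def observe(self, ts, src, dport):
        """Process one connection attempt; True if src just completed the sequence."""
        state = self.progress.pop(src, None)
        if state and ts - state.started > self.window:
            state = None                      # too slow: progress expires
        expected = self.sequence[state.index if state else 0]
        if dport != expected:
            if dport != self.sequence[0]:
                return False                  # wrong port: progress is discarded
            state = None                      # wrong port that is itself a first knock
        if state is None:
            state = Progress(index=0, started=ts)
        state.index += 1
        if state.index == len(self.sequence):
            self.allowed.add(src)
            return True
        self.progress[src] = state
        return False

# Constructed events: (timestamp, source IP, destination port).
SAMPLE_EVENTS = [
    (0.0, "198.51.100.7", 7000), (1.0, "198.51.100.7", 8000), (2.0, "198.51.100.7", 9000),
    (0.0, "203.0.113.9", 7000), (0.1, "203.0.113.9", 7001),   # sequential scan
    (0.2, "203.0.113.9", 8000), (0.3, "203.0.113.9", 9000),
    (0.0, "192.0.2.4", 7000), (5.0, "192.0.2.4", 8000), (20.0, "192.0.2.4", 9000),  # too slow
]

def replay(events):
    """Run events in time order and return the set of sources that were let in."""
    tracker = KnockTracker()
    for ts, src, dport in sorted(events):
        tracker.observe(ts, src, dport)
    return tracker.allowed
```

A fixed port sequence can be observed by anyone on the network path and replayed, so the knock works as an extra filter in front of sshd, not as a replacement for its authentication.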