Improved Port Knocking With Strong Authentication
Source: University of Calgary
Sometimes it becomes necessary to let only authorized external users access the open ports, whereas closed ports may be accessible to all. The paper investigates various methods of authentication for keeping data secure. It focuses specifically on the "Port Knocking" method and the procedure for implementing it, and makes a critical evaluation of this method. Authentication is generally considered to be the simplest and easiest method of securing a network. However, this method is not foolproof, hence the need for more sophisticated methods. An authentication service can be used for various purposes, which include making services imperceptible to standardized port scans. It also provides an additional layer of security and thus makes it more difficult for hackers to access the data. It also works as a stop-gap safety measure and acts as a service provider for systems with unpatched vulnerabilities. The paper then discusses the various methods of designing such authentication services, including "Port Knocking". It also studies the various shortcomings of the Port Knocking method. These shortcomings include failure when packets are delivered out of turn. It then presents a new port knocking design which seeks to overcome the shortcomings of earlier designs. It is desirable to authenticate users before letting them in through the firewall, as this acts as an authentication service for unsecured legacy services.