General discussion


Be aware of potential threats from port knocking

By MaryWeilage Editor ·
Do you have any experience with port knocking and the types of back doors associated with it? Do you frequently use freeware or shareware? Do you agree that it's potentially insecure? Share your comments about protecting your network from port knocking, as discussed in the March 19 Security Solutions e-newsletter.

If you haven't subscribed to our free Security Solutions e-newsletter, sign up today!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by Tin Man In reply to

These are home use firewalls.

Collapse -

something must be listening

by martykro In reply to Be aware of potential thr ...

Surely something must be listening for the port taps. Maybe it's not replying so a port scan will not catch it but a simple "netstat" should see all ports listening on the station.

Collapse -

Port Knocking

by rkuhn In reply to please see "passive"

Ok, so when you download the freeware or shareware, they record your IP. Big deal. All of you make so much fuss that this is a big deal for home users.

How many home users have a static IP? I have DSL and I tell it to never disconnect but it does almost daily.

And if the Trojan were to somehow transmit the "new" IP, that would be detected by the simplest of firewalls.

Collapse -

freeware/shareware aren't the only trouble makers

by jnemeth In reply to Be aware of potential thr ...

This emphasis on freeware is total crap! There are known cases of commercial software shipping with viruses. There are even known cases of hotfixes from Microsoft being infected. It doesn't matter where you get your software, there is the potential for trouble. Only the truely ignorant would place such a large emphasis on freeware/shareware.

Your final thoughts are also complete crap! Saying that you don't have anything against freeware/shareware, followed by saying that you only use them while they serve their purpose then you replace them with something for which you've paid isn't exactly a compliment. BTW, I hope you pay for the shareware you use. As for your comment about getting programs from people you don't know, I very much doubt that you personally know all the people involved in creating all the commercial apps that you use.

As for my final thoughts, I leave an exercise for the student. Consider the history of the two most popular web servers. If you have even the slightest clue, then I won't need to say anything more.

What I want to know is when is TechRepublic going to replace you with somebody that acutally knows something about security? Most of your articles are total crap and some are even dangerous since they distract people from implementing real security solutions. With people like you, it is no wonder that the US federal government constantly receives failing grades for computer security. See <a href="">House Panel Slams Federal IT Security</a> for one of the latest reports.

Collapse -

TR needs security insight/feedback!!!

by jmottl In reply to Be aware of potential thr ...

Hello TR members,
We need to form a focus group that will review/critique security related content we're currently developing and hoping you're interested in participating. We'll be sending you a security package -- a tool of various documents and downloads that we're creating to help members use in their jobs, and looking for feedback on whether you believe they have value, suggestions for improvement and what specific security topics we should target first.
If you can shoot back an email to me at by tomorrow (Thursday) and let me know if you're interested in serving on this focus group that'd be great.
I hope to hear from you,
Judy Mottl
Senior Editor

Related Discussions

Related Forums