search for: knock

Steffen Nurpmeso wrote in <20240704180538.iV4uex29 at steffen%sdaoden.eu>: |Simon Josefsson wrote in | <87jzi1fg24.fsf at kaka.sjd.se>: ||Jochen Bern <Jochen.Bern at binect.de> writes: ||> (And since you mention "port knocking", I'd like to repeat how fond I ||> am of upgrading that original concept to a single-packet ||> crypto-armored implementation like fwknop.) || ||I am reluctantly considering to use some kind of port knocking mechanism ||on some machines, however I really don't want to ca...

...025234.j3oUaPFH at steffen%sdaoden.eu>: |Steffen Nurpmeso wrote in | <20240704180538.iV4uex29 at steffen%sdaoden.eu>: ||Simon Josefsson wrote in || <87jzi1fg24.fsf at kaka.sjd.se>: |||Jochen Bern <Jochen.Bern at binect.de> writes: |||> (And since you mention "port knocking", I'd like to repeat how fond I |||> am of upgrading that original concept to a single-packet |||> crypto-armored implementation like fwknop.) ||| |||I am reluctantly considering to use some kind of port knocking mechanism |||on some machines, however I really don't want...

Simon Josefsson wrote in <87jzi1fg24.fsf at kaka.sjd.se>: |Jochen Bern <Jochen.Bern at binect.de> writes: |> (And since you mention "port knocking", I'd like to repeat how fond I |> am of upgrading that original concept to a single-packet |> crypto-armored implementation like fwknop.) | |I am reluctantly considering to use some kind of port knocking mechanism |on some machines, however I really don't want to carry a...

I am attempting to use the Knock.pm from http://www.shorewall.net/ManualChains.html I am not having much luck making the DNAT- knock work for some reason. Anyone else using this on 4.4.4 that can verify if this still works as documented? Thanks ------------------------------------------------------------------------------ Retu...

Okay, I finally took the time to re-write the scripts that I had talked about a few threads earlier. I have 2 versions of them, and they currently work for Redhat Enterprise 4 and SuSE Enterprise 9. (using iptables, and xinetd.d) The 2 varieties are: #1 knock, to be allowed to connect from the IP address written by the knock sequence. This adds an iptable entry to allow the specified IP address to connect to specified knock ssh port (I used 32022 for my example), opens a listener for 30 seconds, then kills the listener and drops the iptable entry....

...> >> For those of you who have had to sift through Samba logs for clues on how to determine what caused an account to lock after repeated failed logon attempts, what "log level" settings have you found to be most helpful? >> >> Thanks, >> Matthew > > ©2017 KNOCK, inc. All rights reserved. KNOCK is a registered trademark of KNOCK, inc. This message and any attachments contain information, which is confidential and/or privileged. If you are not the intended recipient, please refrain from any disclosure, copying, distribution or use of this information. Pleas...

I''ve been using the port knocking technique described in the Shorewall docs to control ssh access on one of our servers: http://www.shorewall.net/PortKnocking.html It works great, but occasionally one of the admins forgets to perform the close port operation. This leaves ssh open to the world until one of us notices. I'...

All, A friend gave me access to an svn(+ssh) repository the other day, and told me that I needed to do some port knocking to open up ssh. It occurred to me that it would be extremely convenient if I could add a "knock" configuration option for the host to my ~/.ssh/config file and never think about this again (rather than creating a shell script to accomplish this behavior, and remembering to use...

I haven't been keeping up with the internals, I'm afraid. Does OpenSSH have support for Port Knocking? I might be interested in looking into that, as a way of reacquainting myself with the current code base. --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

Anyone know why the knock-off X100p prices have jumped? -Nate

Hi guys, I've made a patch adding LocalPreCommand to ssh_config. It mimics behaviour of LocalCommand, but is executed right before the connection is opened. This makes possible e.g. to integrate ssh with port knocking. It also removes "-oPermitLocalCommand=no" from scp allowing the same functionality to be used for file transfers. Applies cleanly on vanilla OpenSSH 6.7p1. http://software.klolik.org/patches/openssh+localprecommand.diff Best regards, Bartlomiej Korupczynski

Jochen Bern <Jochen.Bern at binect.de> writes: > (And since you mention "port knocking", I'd like to repeat how fond I > am of upgrading that original concept to a single-packet > crypto-armored implementation like fwknop.) I am reluctantly considering to use some kind of port knocking mechanism on some machines, however I really don't want to carry around shar...

Hello Samba Friends, For those of you who have had to sift through Samba logs for clues on how to determine what caused an account to lock after repeated failed logon attempts, what "log level" settings have you found to be most helpful? Thanks, Matthew ©2017 KNOCK, inc. All rights reserved. KNOCK is a registered trademark of KNOCK, inc. This message and any attachments contain information, which is confidential and/or privileged. If you are not the intended recipient, please refrain from any disclosure, copying, distribution or use of this information. Pleas...

....ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion Altered for your setup. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a registered trademark of KNOCK, inc. This message and any attachments contain information, which is confidential and/or privileged. If you are not the intended recipient, please refrain from any disclosure, copying, distribution or use of this information....

...: > > > > Did you check your setup against > http://wiki2.dovecot.org/Authentication/Kerberos I did. ?Of course, it's possible I've still managed to overlook something.? > Also can you provide klist -k on server? I assume you mean the kerberos server: [ root at knock ~]# klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- ???2 host/knock.endoframe.net at ENDOFRAME.NET ???2 host/knock.endoframe.net at ENDOFRAME.NET ???2 host/knock.endoframe.net at ENDOF...

...tVersion > > Altered for your setup. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and > read the > instructions: https://lists.samba.org/mailman/options/samba > > > ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a > registered trademark of KNOCK, inc. This message and any attachments > contain information, which is confidential and/or privileged. If you > are not the intended recipient, please refrain from any disclosure, > copying, distribution or use...

So I found an excellent port knocking tutorial using ONLY iptables rules that looks to be among the best I've ever seen. (warning: techno music, tough to read screen, you don't need to type it in because I post a link to script below) http://www.youtube.com/watch?v=0zFQocf7C_0 It works fabulously for simply opening a po...

Do they fall under FCC certification if they're built to the same specifications as the ones from Digium? If I build my own T100Ps from the schematics and board layouts that are available, are they legal to plug into the PSTN?

...ur setup. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and > read the > instructions: https://lists.samba.org/mailman/options/samba > > > ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a > registered trademark of KNOCK, inc. This message and any attachments > contain information, which is confidential and/or privileged. If you > are not the intended recipient, please refrain from any disclosure, > copying, dist...

This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key