Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen
Around the globe, network administrators are challenged to balance flexibility and security elements when designing and maintaining their network infrastructure. Firewalls are a long-standing basic security measure that organizations use to isolate networks from the Internet. Whether it's a sta...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2006
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/81194/1/81194.PDF https://ir.uitm.edu.my/id/eprint/81194/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Mara |
| Language: | English |
| id |
my.uitm.ir.81194 |
|---|---|
| record_format |
eprints |
| spelling |
my.uitm.ir.811942023-08-11T03:20:37Z https://ir.uitm.edu.my/id/eprint/81194/ Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen Yahya, Saadiah Sultan Suhaibuddeen, Mohamed Sulaiman Web servers. Internet Around the globe, network administrators are challenged to balance flexibility and security elements when designing and maintaining their network infrastructure. Firewalls are a long-standing basic security measure that organizations use to isolate networks from the Internet. Whether it's a stand-alone appliance firewall like CheckPoint, one of the various host-based systems such as ZoneAlarm, or the Windows Firewall system included with Windows XP Service Pack 2, these devices go a long way toward protecting networks from unwanted traffic, including viruses, Trojans, and hackers. A firewall should provide some form of shield against malfeasant motives by adding an extra layer of network security allowing trusted and authorized users to connect through. Unfortunately, it is not as easy as it sounds: it is a tough task to come up with a mechanism to distinguish the bad guys, because filtering on the basis of IP addresses and ports does not differentiate connecting users. Bad guys possible and do come from trusted IP addresses. On the other hand, open ports remain a consciously known vulnerability. Building up a very secure rule sets and policies alone appear insufficient. Port Knocking a method of establishing a connection to a secured network or computer within a network that does not have an open port is the answer. A remote device sends a series of series of connection attempts in the form of packets, to the computer's closed ports, and the attempts are silently ignored but logged by the firewall. When the remote device has established the predetermined sequence of port connection attempts, a daemon triggers a port to open, and the network connection is established. An advantage of using a port knocking technique is that a malicious hacker cannot detect ifa device is listening for port knocks. Having port knocking alone to handle a high secure site is not sufficient, therefore, combining it with another technology called "Wake-On-LAN" (WOL) definitely will synergize the outcome. This research is investigating the Port Knocking technology on the protected system and determines whether interaction between Wak-On-LAN and Port Knocking can offer a better-synergized security system. The effectiveness and practicality of having another layer of protection for the server in DMZ area using this method on the firewall, and more broadly measures the performance and resources usage impact of the server involved in the study is exploited. This include investigating the way how the firewall have the intelligence to avoid log rotate issues, how the firewall have the intelligence to tell whether the server is already alive or idle, and also the firewall know when is the correct time to drop all the remote connection to the server and later suspend the server. 2006 Conference or Workshop Item PeerReviewed text en https://ir.uitm.edu.my/id/eprint/81194/1/81194.PDF Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen. (2006) In: Volume No. 1: Science and Technology, 30 – 31 May 2006, Swiss Garden Resort & Spa Kuantan, Pahang. |
| institution |
Universiti Teknologi Mara |
| building |
Tun Abdul Razak Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Mara |
| content_source |
UiTM Institutional Repository |
| url_provider |
http://ir.uitm.edu.my/ |
| language |
English |
| topic |
Web servers. Internet |
| spellingShingle |
Web servers. Internet Yahya, Saadiah Sultan Suhaibuddeen, Mohamed Sulaiman Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| description |
Around the globe, network administrators are challenged to balance flexibility and security elements when designing and maintaining their network infrastructure. Firewalls are a long-standing basic security measure that organizations use to isolate networks from the Internet. Whether it's a stand-alone appliance firewall like CheckPoint, one of the various host-based systems such as ZoneAlarm, or the Windows Firewall system included with Windows XP Service Pack 2, these devices go a long way toward protecting networks from unwanted traffic, including viruses, Trojans, and hackers. A firewall should provide some form of shield against malfeasant motives by adding an extra layer of network security allowing trusted and authorized users to connect through. Unfortunately, it is not as easy as it sounds: it is a tough task to come up with a mechanism to distinguish the bad guys, because filtering on the basis of IP addresses and ports does not differentiate connecting users. Bad guys possible and do come from trusted IP addresses. On the other hand, open ports remain a consciously known vulnerability. Building up a very secure rule sets and policies alone appear insufficient. Port Knocking a method of establishing a connection to a secured network or computer within a network that does not have an open port is the answer. A remote device sends a series of series of connection attempts in the form of packets, to the computer's closed ports, and the attempts are silently ignored but logged by the firewall. When the remote device has established the predetermined sequence of port connection attempts, a daemon triggers a port to open, and the network connection is established. An advantage of using a port knocking technique is that a malicious hacker cannot detect ifa device is listening for port knocks. Having port knocking alone to handle a high secure site is not sufficient, therefore, combining it with another technology called "Wake-On-LAN" (WOL) definitely will synergize the outcome. This research is investigating the Port Knocking technology on the protected system and determines whether interaction between Wak-On-LAN and Port Knocking can offer a better-synergized security system. The effectiveness and practicality of having another layer of protection for the server in DMZ area using this method on the firewall, and more broadly measures the performance and resources usage impact of the server involved in the study is exploited. This include investigating the way how the firewall have the intelligence to avoid log rotate issues, how the firewall have the intelligence to tell whether the server is already alive or idle, and also the firewall know when is the correct time to drop all the remote connection to the server and later suspend the server. |
| format |
Conference or Workshop Item |
| author |
Yahya, Saadiah Sultan Suhaibuddeen, Mohamed Sulaiman |
| author_facet |
Yahya, Saadiah Sultan Suhaibuddeen, Mohamed Sulaiman |
| author_sort |
Yahya, Saadiah |
| title |
Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| title_short |
Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| title_full |
Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| title_fullStr |
Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| title_full_unstemmed |
Port knocking / Saadiah Yahya and Mohamed Sulaiman Sultan Suhaibuddeen |
| title_sort |
port knocking / saadiah yahya and mohamed sulaiman sultan suhaibuddeen |
| publishDate |
2006 |
| url |
https://ir.uitm.edu.my/id/eprint/81194/1/81194.PDF https://ir.uitm.edu.my/id/eprint/81194/ |
| _version_ |
1775626408805007360 |