Extension of a port knocking client-server architecture with NTP synchronization

Port knocking is a form of host-to-host communication which relies on deliberately failed TCP connection attempts. The information is encoded into a port sequence. The client attempts to initiate several three-way-handshakes and receives no reply. These connection attempts are monitored by a daemon...

Bibliographic details
Main authors: Popeea, T., Olteanu, V., Gheorghe, L., Rughinis, R.
Format: Conference proceeding
Language: eng
container_end_page 5
container_issue
container_start_page 1
container_title
container_volume
creator Popeea, T.
Olteanu, V.
Gheorghe, L.
Rughinis, R.
description Port knocking is a form of host-to-host communication which relies on deliberately failed TCP connection attempts. The information is encoded into a port sequence. The client attempts to initiate several three-way-handshakes and receives no reply. These connection attempts are monitored by a daemon which interprets their destination port numbers as data. This mechanism has vulnerabilities that can be exploited by hackers with the help of data sniffed off the network. Through synchronization, these vulnerabilities can be minimized. A knock sequence is less vulnerable to replay and brute force attacks if its lifespan is shorter. All the entities involved in the knock sequence need to be aware all the time of the knock sequence that can be used. For this, it is required that clients and server share the same time. Both possess the means of determining the sequence, which consists of a hash based on a preshared key, time value, client IP address and destination port. We present the means to achieve the client-server synchronization and describe an application that implements this.
doi_str_mv 10.1109/RoEduNet.2011.5993704
format Conference Proceeding
fulltext fulltext_linktorsrc
identifier ISSN: 2068-1038
ispartof 2011 RoEduNet International Conference 10th Edition: Networking in Education and Research, 2011, p.1-5
issn 2068-1038
language eng
recordid cdi_ieee_primary_5993704
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Authentication
Cryptography
Fires
IP networks
network security
one-way functions
port knocking
Servers
Synchronization
title Extension of a port knocking client-server architecture with NTP synchronization
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T14%3A00%3A00IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Extension%20of%20a%20port%20knocking%20client-server%20architecture%20with%20NTP%20synchronization&rft.btitle=2011%20RoEduNet%20International%20Conference%2010th%20Edition:%20Networking%20in%20Education%20and%20Research&rft.au=Popeea,%20T.&rft.date=2011-06&rft.spage=1&rft.epage=5&rft.pages=1-5&rft.issn=2068-1038&rft.isbn=9781457712333&rft.isbn_list=1457712334&rft_id=info:doi/10.1109/RoEduNet.2011.5993704&rft_dat=%3Cieee_6IE%3E5993704%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9781457712357&rft.eisbn_list=1457712342&rft.eisbn_list=9781457712340&rft.eisbn_list=1457712350&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5993704&rfr_iscdi=true