[clug-talk] Port Knocking?

Shawn sgrover at open2space.com
Tue Jan 11 01:09:00 PST 2005

Hoping someone can help me out.

A client has a web application that they want to make accessible to their 
employees via the web (of course).  The catch is that the app has critical 
business data that CANNOT become available to script kiddies and/or the 
competition.  (There is a login routine, via the database, but I don't trust 
that on its own with this data).

So, the options as I see them are to use a VPN solution only, bring in an SSL 
certificate and use HTTPS (though this doesn't really stop the script kiddies 
- just sniffers), or maybe use port knocking.

When I explained port knocking, the client seemed rather keen (even though I 
told him it's a relatively new technology).  The question I have to find out 
now is what it would take to get this set up, in such a way that field users 
can connect via their laptops.  Does anyone have any experience with Port 
Knocking?  I know enough to know what it is, but that's about it.

Or would this situation be best suited to a VPN?

Thanks for any input.


